You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@commons.apache.org by "Ralf Hauser (JIRA)" <ji...@apache.org> on 2007/04/12 19:26:32 UTC

[jira] Commented: (VALIDATOR-134) [validator] create 5 or more password-policy validators

    [ https://issues.apache.org/jira/browse/VALIDATOR-134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12488431 ] 

Ralf Hauser commented on VALIDATOR-134:
---------------------------------------

I thought that one advantage of open source is that you could learn from other's implementations and then only do your incremental custom enhancements that you eventually give back to the community?

In particular for a field like security that for most is a nuisance/after-thought/collateral, it would be great to have something fairly reasonable to start from?

> [validator] create 5 or more password-policy validators
> -------------------------------------------------------
>
>                 Key: VALIDATOR-134
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-134
>             Project: Commons Validator
>          Issue Type: Improvement
>          Components: Routines
>         Environment: Operating System: All
> Platform: Other
>            Reporter: Ralf Hauser
>            Priority: Minor
>
> besides the already existing length-check, the following (server-side only as
> per COM-160 - although most sites tell a cracker on their registration pages
> in plain english anyway what the minimum policy is) validators would be useful:
> - require capital letter
> - require a non-captial letter
> - require a number
> - require a special character.
> Furthermore there should be combination-validators, e.g. one would use the above
> four to implement a "2 out of 4" rule.
> Most government uses require something alike, e.g. as per
> http://www.isb.admin.ch/imperia/md/content/sicherheit/informatiksicherheit/sicherheitsweisungen/anhang1_d.pdf,
> item 2.4 (German)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org