You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@directory.apache.org by bu...@apache.org on 2013/04/13 08:56:42 UTC

svn commit: r858306 - in /websites/staging/directory/trunk/content: ./ apacheds/advanced-ug/4.3-password-policy.html

Author: buildbot
Date: Sat Apr 13 06:56:42 2013
New Revision: 858306

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/apacheds/advanced-ug/4.3-password-policy.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sat Apr 13 06:56:42 2013
@@ -1 +1 @@
-1467563
+1467564

Modified: websites/staging/directory/trunk/content/apacheds/advanced-ug/4.3-password-policy.html
==============================================================================
--- websites/staging/directory/trunk/content/apacheds/advanced-ug/4.3-password-policy.html (original)
+++ websites/staging/directory/trunk/content/apacheds/advanced-ug/4.3-password-policy.html Sat Apr 13 06:56:42 2013
@@ -140,7 +140,7 @@
 <h1 id="43-password-policy">4.3. Password Policy</h1>
 <p>The <strong>Password Policy</strong> is a <strong><a href="http://tools.ietf.org/html/draft-behera-ldap-password-policy-10">RFC</a></strong> draft that has been designed for the very first version in 1999, and the latest version is from 2009. Although it's still a draft, and it's currently noted as inactive, it has been implemented by many existing <strong>LDAP</strong> servers.</p>
 <p><strong>ApacheDS</strong> implements the draft.</p>
-<p><DIV class="warn" markdown="1">
+<p><DIV class="warning" markdown="1">
 Enforcing a strict passowrd policy is extremely punitive to users. It may leads users to workaround the policy by storing their password in a postit, an workaround that will defeat any password policy...</p>
 <p>Always try to think about better alternatives than force users to always define password with 10 or more characters, including numbers, upper and lower case, special chars, and to change it every month...</p>
 <p>A long sentence (4 or 5 words), like "The horse has won the race three time" is most certainly a better passowrd than any other combinaison, and is easy to remember...