Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-30316

Increase default minimum password length

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: High
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 2.5.0
    • Labels:
      None

      Description

      The default password strengt requirements in eZ Publish and eZ Platform, out of the box, are too low. A conscientous admin will improve these, but our defaults should be safer. I propose 10 characters as the default minimum length. (8 is common, but there are indications that this is not safe enough anymore.)

      eZ Platform also supports quality checks: upper/lower case, digits, special chars. I propose to enable these as default, except special chars (to reduce the annoyance factor).

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            gunnstein.lye@ez.no Gunnstein Lye
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 day, 6 hours, 45 minutes
                1d 6h 45m