Hi Inosh, requireAlphanumeric - Whether alphabetic characters are required or is it > enough to have numbers only. >
AFAIK, alphanumeric characters include both alphabetic characters and numbers [1]. So if we use 'requireAlphanumeric' option to force using alphabetic characters, wouldn't it be confusing too? Because a password contains only numbers are also an alphanumeric password. So my suggestion is to change the name of the option 'requireAlphanumeric' to a less confusing one such as 'requireAlphabeticCharacters'. WDYT? [1] - https://en.wikipedia.org/wiki/Alphanumeric Regards, Madawa On Wed, Jan 31, 2018 at 11:51 AM, Rasika Perera <[email protected]> wrote: > Hi Inosh, > > Please find inline comments. > >> Therefore, as per iOS protocol, following would be the standard of the >> passcode policy, >> allowSimple - If a simple passcode containing just numbers or just >> letters or combination is allowed. Setting this to "no" mean, a complex >> passcode is required and of minimum of 1 complex character together with >> numbers >> or alphabets characters. >> minComplexChars - A complex character is a character other than an >> alphanumeric value. Setting min complex chars restriction will not mean >> that an alphabetic character is required. >> requireAlphanumeric - Whether alphabetic characters are required or is it >> enough to have numbers only. > > Could you describe what would be the minimum sufficient password for each > combination for isSimple, isAlphanumeric, isComplex ? > > Best Regards, > ~Rasika > > On Tue, Jan 30, 2018 at 3:33 PM, Inosh Perera <[email protected]> wrote: > >> Hi all, >> >> Currently the passcode policy of IoT server for Android and iOS platforms >> seems to have followed 2 different approaches and this inconsistency can >> lead to confusion for an EMM administrator. >> >> *Following are the inconsistencies,* >> In iOS protocol, allow simple passcode means that the user is free to >> enter just a pin or any passcode. However with Android currently, it must >> be a alphanumeric value only. >> Also in iOS disallow simple is equivalent to having at least one complex >> characters regardless of the alphanumeric check. When alphanumeric is not >> required and complex characters are set to 1, the user should be able to >> add a password like "1234$" as the passcode and currently Android policy >> does not support this behaviour and it ask for a minimum one alphabetic >> character regardless of the state of alphanumeric checkbox. Therefore to >> get rid of these inconsistencies, I suggest we should make the Android >> passcode policy work similar to iOS. >> >> *Solution* >> Therefore, as per iOS protocol, following would be the standard of the >> passcode policy, >> allowSimple - If a simple passcode containing just numbers or just >> letters or combination is allowed. Setting this to "no" mean, a complex >> passcode is required and of minimum of 1 complex character together with >> numbers or alphabets characters. >> minComplexChars - A complex character is a character other than an >> alphanumeric value. Setting min complex chars restriction will not mean >> that an alphabetic character is required. >> requireAlphanumeric - Whether alphabetic characters are required or is it >> enough to have numbers only. >> >> Regards, >> Inosh >> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > With Regards, > > *Rasika Perera* > Senior Software Engineer > LinkedIn: http://lk.linkedin.com/in/rasika90 > > <http://wso2.com/signature> > > WSO2 Inc. www.wso2.com > lean.enterprise.middleware > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Madawa Soysa / Software Engineer [email protected] / +94714616050 *WSO2 Inc.* lean.enterprise.middleware <https://wso2.com/signature>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
