On Thu, Jun 6, 2024 at 1:03 PM Štefan Miklošovič < stefan.mikloso...@gmail.com> wrote:
> It is interesting to see this feedback. When I look at CEP-24 where I am > obsessing about a user being able to misconfigure the password validation > strength so if a user hits a "weak" node then she would be able to bypass > it, and I see what is our approach here, then I am not sure what I was > waiting so long for and I should probably be just more aggressive with the > CEP and all the "caveats" could be just overlooked and deferred to > "sometimes later". > Stefan, unfortunately I didn't participate in the CEP-24 DISCUSS thread. Had I paid attention I would have suggested waiting on TCM doesn't make the feature any different. The feature is less likely to be misconfigured in a cluster. CEP-24 is valuable and password compliance with policies is a super useful feature which IMO shouldn't have been held back due to lack of TCM.
