[jira] [Comment Edited] (RANGER-3687) Password Policy Best Practices for Strong Security

Mon, 18 Apr 2022 21:37:07 -0700 


    [ 
https://issues.apache.org/jira/browse/RANGER-3687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17524044#comment-17524044
 ] 

Pradeep Agrawal edited comment on RANGER-3687 at 4/19/22 4:36 AM:
------------------------------------------------------------------

[~kirbyzhou] /[~bpatel]  : 

1) At my end character set is utf8 (An alias for utf8mb3) and not the utf8mb4. 
collation set is utf8_general_ci

2) Also, I will not suggest anyone to switch to utf8mb3 if they are already 
using utf8mb4 in existing env.  User need to do that as per their requirement 
or if there is issue in ranger at the runtime(not during install) and switching 
to utf8mb4 is the only option.

3) We are not explicitly assigning character set or collation in DB schema and 
will never do that unless there is any valid reason for it. currently ranger db 
schema script is independent of user's env. and by default it will follow 
character set or collation as per their mysql engine. 


was (Author: pradeep.agrawal):
[~kirbyzhou] /[~bpatel]  : 

1) At my end character set is utf8 (An alias for \{{utf8mb3) and not the 
utf8mb4. collation set is }}utf8_general_ci

2) Also, I will not suggest anyone to switch to utf8mb3 if they are already 
using utf8mb4 in existing env.  User need to do that as per their requirement 
or if there is issue in ranger at the runtime(not during install) and switching 
to utf8mb4 is the only option.

3) We are not explicitly assigning character set or collation in DB schema and 
will never do that unless there is any valid reason for it. currently ranger db 
schema script is independent of user's env. and by default it will follow 
character set or collation as per their mysql engine. 

> Password Policy Best Practices for Strong Security
> --------------------------------------------------
>
>                 Key: RANGER-3687
>                 URL: https://issues.apache.org/jira/browse/RANGER-3687
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>    Affects Versions: 3.0.0, 2.3.0
>            Reporter: Bhavik Patel
>            Assignee: Bhavik Patel
>            Priority: Major
>             Fix For: 3.0.0, 2.3.0
>
>
> # Password history should be configured to restrict users from reusing their 
> last 4 or 5 passwords.
>  # Forcing users to change passwords every 90-180 days 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to