[
https://issues.apache.org/jira/browse/CLOUDSTACK-10082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rafael Weingärtner updated CLOUDSTACK-10082:
--------------------------------------------
Priority: Major (was: Minor)
> Enforcing local password policies
> ---------------------------------
>
> Key: CLOUDSTACK-10082
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10082
> Project: CloudStack
> Issue Type: New Feature
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: API, Management Server
> Reporter: Marcelo Lima
>
> No matter how secure a user make your password initially, his will eventually
> choose her own password. Therefore, CloudStack should set account policies
> that define a secure password for access for GUI. Password policies are a
> subset of the policies configurable in Global Settings:
> Enforce Password History
> This sets how frequently old passwords can be reused. With this policy, you
> can discourage users from alternating between several common passwords.
> Maximum Password Age
> This determines how long users can keep a password before they have to change
> it, in days.
> Minimum Password Age
> This determines how long users must keep a password before they can change
> it, in days.
> Minimum Password Length
> This sets the minimum number of characters for a password
> Passwords Must Meet Complexity Requirements
> - Passwords must have at least six characters.
> - Passwords can’t contain the user name or parts of the user’s full name,
> such as his first name.
> - Passwords must use at least three of the four available character types:
> lowercase letters, uppercase letters, numbers, and symbols.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
