-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think it falls under the security vs. convenience category. Ideally,
everyone would use a different multi-word pass phrase for every account they
deal with. However, that's not very convenient. I like having the option to
allow sites to set up
Hi
Would LDAP authentication be better choice? In this case password policy
already enforced by central LDAP server.
Users would login to reservations using the same credentials as for VCL
front-end (which uses LDAP auth)
Linux already has built-in support for LDAP authentication.
pGina
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dmitri,
I like this idea as well. I think to do it right, there should be password
strength enforcing criteria in place to make sure users have strong passwords.
I also agree with others that it should be a configurable options. Can you go