--- Comment #4 from Jeff Green <> ---
There are some
configuration options to decide on. Here are the basics:

  Enforce a password renewal after X (configurable) days.
  Password-History to use the password X (configurable) times not to use again.
  Disable account after x invalid login attempts.
  Minimum size of the password.
  At least 2 small and 2 big letters in a password.
  At least 2 letters in a password.
  At least one number in a password.

My suggestions:

  PasswordMaxValidTimeInDays 180
  PasswordMaxLoginFailed 5
  PasswordMinSize 10
  PasswordHistory 3 (can't reuse the last 3 passwords)

You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to