exozyme/exozyme
7
12
Fork 0
Code Issues 4 Pull requests Projects Releases 39 Wiki Activity

Enforce strong password policy #21

New issue
Closed
opened 2021-08-16 19:16:43 +00:00 by a · 7 comments
a commented 2021-08-16 19:16:43 +00:00
Owner
Copy link

One of the obvious ways to improve our security is to enforce a strong password policy, which is also recommended by #20 here. Maybe think about this issue when addressing #14.

One of the obvious ways to improve our security is to enforce a strong password policy, which is also recommended by #20 [here](https://wiki.archlinux.org/title/Security#Enforcing_strong_passwords_with_pam_pwquality). Maybe think about this issue when addressing #14.
a added the
security
 label 2021-08-16 19:16:43 +00:00
a added this to the (deleted) project 2021-08-16 19:16:43 +00:00
a commented 2021-08-17 17:01:05 +00:00
Author
Owner
Copy link

We're in the process of first getting everyone to change their password from the default...

We're in the process of first getting everyone to change their password from the default...
a added this to the v2.0 milestone 2021-08-19 19:50:28 +00:00
a commented 2021-08-20 21:54:50 +00:00
Author
Owner
Copy link

Only four more people that still need to change their passwords...

Only four more people that still need to change their passwords...
a commented 2021-08-20 22:09:22 +00:00
Author
Owner
Copy link

We now generate random passwords for new users so this is less of an issue.

We now generate random passwords for new users so this is less of an issue.
a commented 2021-08-20 22:13:29 +00:00
Author
Owner
Copy link

Closing this for now since I'm in favor of having less restrictions on users such as password policies. Just please don't use bad passwords.

Closing this for now since I'm in favor of having less restrictions on users such as password policies. Just please don't use bad passwords.
a closed this issue 2021-08-20 22:13:29 +00:00
a commented 2021-08-21 19:40:26 +00:00
Author
Owner
Copy link

I just generated random passwords for the people who still haven't changed their passwords from the default, so this should be completely fixed now.

I just generated random passwords for the people who still haven't changed their passwords from the default, so this should be completely fixed now.
a commented 2021-10-30 03:37:34 +00:00
Author
Owner
Copy link

The biggest issue is just that people probably have pretty weak passwords, so this is worth looking into again.

The biggest issue is just that people probably have pretty weak passwords, so this is worth looking into again.
a reopened this issue 2021-10-30 03:37:34 +00:00
a modified the milestone from v2.0 to v5.0 2021-10-31 15:17:55 +00:00
a added the
wontfix
 label 2021-11-03 00:34:26 +00:00
a commented 2021-11-03 00:34:38 +00:00
Author
Owner
Copy link

This might be worth looking into later, but not now.

This might be worth looking into later, but not now.
a closed this issue 2021-11-03 00:34:38 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
v9.0
v8.8
v8.7
v8.6
v8.5
v8.4
v8.3
v8.2
v8.1
v8.0
v7.10
v7.9
v7.8
v7.7
v7.6
v7.5
v7.4
v7.3
v7.2
v7.1
v7.0
v6.1
v6.0
v5.1
v5.0
v4.2
v4.1
v4.0
v3.0
v2.5
v2.4
v2.3
v2.2
v2.1
v2.0
v1.3
v1.2
v1.1
v1.0
v0.3-beta
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
security

Security vulnerability

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No milestone
v5.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: exozyme/exozyme#21
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?