← Back to team overview

dhis2-devs team mailing list archive

Password complexity requirements

 

Hi dev team,

I have 2 password-related requirements that I need to implement in DHIS to meet our organization's security policy:

1.       Password must contain 3 of the following characters: lowercase letters, uppercase letters, numbers, special characters (it currently only requires uppercase and number)

2.       Password length requirements need to be set according to user role (e.g. superusers and other administrators must have a 16 character password).

I'm trying to build this functionality in-house and contribute it back to the community, but I need some guidance:

1.       For the password character requirements, I think I have identified the modifications that need to be made to jquery.validate.ext.js and ValidationUtils.java to add a lowercase condition. I checked it in here<https://code.launchpad.net/~rs3524/dhis2/addedpasswordrequirements>. Could you review? Would the team be ok with adding this to future versions?

2.       For the password length by user role, I am not sure how to proceed. Is this something that the community would be interested in? Could you advise on where to start?

Thanks much,
Becky



Becky Smith
Development-Operations Specialist
ICAP at Columbia University
Tel: 212.304.7115
Email: rs3524@xxxxxxxxxxxxxxxxx<mailto:rs3524@xxxxxxxxxxxxxxxxx>