dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #49660
2.27 password constraints enforced
Hi all,
I would like to clarify the following;
2.27 enforces the password requirement of at least 1 UPPERCASE, lowercase,
numeric and non-alpha-numeric character and specified length for new users,
password resets including password reset when password expiry is turned on.
These enhancements are all good for us from an auditing perspective. It
does not however enforce password reset on first login to a 2.27 instance
when the password does not comply to the new requirements. We would need to
give assurance that the new password requirement has been enforced by the
system. I was looking qt shortening the password expiry but the shortest
option is 90 days.
Is this by design or a bug?
Elmarie Claasen
HISP-SA
--
*This message and any attachments are subject to a disclaimer published at
http://www.hisp.org/policies.html#comms_disclaimer
<http://www.hisp.org/policies.html#comms_disclaimer>. Please read the
disclaimer before opening any attachment or taking any other action in
terms of this electronic transmission. If you cannot access the
disclaimer, kindly send an email to disclaimer@xxxxxxxx
<disclaimer@xxxxxxxx> and a copy will be provided to you. By replying to
this e-mail or opening any attachment you agree to be bound by the
provisions of the disclaimer.*
Follow ups