mahara-contributors team mailing list archive

Thread
Date

[Bug 845263] Re: Optional password policy

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Gregor Anželj <gregor.anzelj@xxxxxxxxx>
Date: Tue, 16 Jan 2018 22:29:38 -0000
Reply-to: Bug 845263 <845263@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Improve the password policy enforcement and configuration in Mahara.
Have a pre-defined password policy of a minimum of 8 characters with
type "alphanumeric mixed case + symbols". Also allow admins to set the
password policy in Site Options > Security Settings. In all locations
where password is set the password input should also include a password
strength indicator.


** Changed in: mahara
     Assignee: (unassigned) => Gregor Anželj (gregor-anzelj)

** Changed in: mahara
     Assignee: Gregor Anželj (gregor-anzelj) => (unassigned)

** Changed in: mahara
     Assignee: (unassigned) => Gregor Anželj (gregor-anzelj)

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/845263

Title:
  Optional password policy

Status in Mahara:
  Triaged

Bug description:
  For internal policy reasons, some people might need Mahara to enforce
  a password policy.

  If we implement this feature, we should make sure that:

  - it's optional
  - it's disabled by default
  - we include a warning saying that it could result in less secure passwords (ideally linking to research paper demonstrating this)

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/845263/+subscriptions

References

[Bug 845263] [NEW] Optional password policy
From: François Marier, 2011-09-09