yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1461431] Re: Enable admin password complexity verification

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Tristan Cacqueray <tdecacqu@xxxxxxxxxx>
Date: Thu, 11 Jun 2015 20:27:42 -0000
Reply-to: Bug 1461431 <1461431@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Agreed on class D type of bug.

** Changed in: ossa
       Status: Incomplete => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1461431

Title:
  Enable admin password complexity verification

Status in OpenStack Compute (Nova):
  New
Status in OpenStack Security Advisories:
  Won't Fix

Bug description:
  When performing actions such as create instances, evacuate instances,
  rebuild instances, rescue instances and update instances' admin
  password. The complexity of user provided admin password has not been
  verified. This can cause security problems.

  One solution will be adding a configuration option:
  using_complex_admin_password = True, if this option is set in
  configure file by administrator, then Nova will perform password
  complexity checks, the check standards can be set to following the IT
  industry general standard, if the provided admin password is not
  complex enough, an exception will be throw. If this option is not set
  in configure file, then the complexity check will be skipped.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1461431/+subscriptions