Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Increase the password length from 8 characters to 15 characters or more [CORE1898] #2330

Closed
firebird-issue-importer opened this issue May 13, 2008 · 8 comments

Comments

@firebird-issue-importer

Submitted by: Bruno Marx (bmx)

Replaces CORE3342
Is duplicated by CORE3933
Is related to QA630

Votes: 5

It would be very desirable to increase the password scheme to support more than 8 characters. Our customer requires us to support a certain number of the Database STIG requirements developed by DISA for the US DoD, including DG0079:

"(DG0079: CAT II) The DBA will ensure database password complexity standards meet current minimum requirements for length (9 characters or more for database application user accounts and 15 characters or more for privileged database accounts) and composition (at least two uppercase characters, two lowercase characters, two special characters, two digits ) where supported by the DBMS".

From DG0079, the SYSDBA password should be at least 15 characters, and other regular user/application passwords at least 9 characters.

Using Firebird 2.1 on Windows platforms, we can always use Windows Authentication to workaround that limitation, although the SYSDBA password length is still an issue.

Thanks.

Commits: 7fb8ebd

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented May 14, 2008

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented May 14, 2008

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0.0 [ 10048 ]

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented Feb 12, 2011

Modified by: @dyemanov

Link: This issue replaces CORE3342 [ CORE3342 ]

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented Dec 23, 2011

Commented by: @AlexPeshkoff

Except longer default passwords in FB3 are also secure: they are not passed over the wire in any way

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented Dec 23, 2011

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 3.0 Alpha 1 [ 10331 ]

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented Sep 21, 2012

Modified by: Sean Leyne (seanleyne)

Link: This issue is duplicated by CORE3933 [ CORE3933 ]

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented Sep 28, 2015

Modified by: @pcisar

Link: This issue is related to QA630 [ QA630 ]

@firebird-issue-importer
Copy link
Author

firebird-issue-importer commented Jan 19, 2016

Modified by: @pavel-zotov

QA Status: No test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants