Replies: 2 comments 1 reply
-
Are there other policies besides password strength? The main issue with some is that they are tight to an org. Without a user beloning to an org, those will not become active. Modifying it at runtime by somehow letting the server modify the web-vault code is difficult too, since the web-vault can change which needs adjustments or even worse version checks which can be altered. I haven't looked into the master password settings my self for a global item, so not sure if there is something to be done there. And maybe the password generator. |
Beta Was this translation helpful? Give feedback.
-
As you mentioned it your self, the onboarding process is not build for this. I can think of some workarounds, like a job in the background which gives the user a grace period for example and else disables the user. But that would cause issues i think. Aan other option would be pre-configure mail token.
This can be configured somewhere in the web-vault code and then build it your self ofcourse. There isn't an easy global way or runtime adjustment. Maybe a sed replace on the js code could be an option.
This already is an option. You can configure a mail address who is allowed to create orgs, others are denied.
Same as for the master password strength. Maybe a sed replace on the js code can do something, else rebuild the web-vault your self.
That is already an option indeed. |
Beta Was this translation helpful? Give feedback.
-
I might have missed already closed or resolved discussions/issues regarding this topic, if that's the case I'm sorry.
At the moment it seems not possible to apply global policies (outside of an organization) to all users. That would be ideal for organizations which do not seek to provide an organization-wide password store but instead want to offer a personal password store service only.
In short could a feature request be supported (also financially) to allow the configuration of global/instance-wide policies instead of only having them bound to an organization?
This would simplify the onboarding process, and not require users to join an organization only for the sake of enforcing policies (e.g. master password strength).
Beta Was this translation helpful? Give feedback.
All reactions