Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add password policies for local users #2252

Closed
AdSchellevis opened this issue Mar 9, 2018 · 5 comments
Closed

add password policies for local users #2252

AdSchellevis opened this issue Mar 9, 2018 · 5 comments
Assignees
@AdSchellevis
Labels
feature Adding new functionality

Comments

@AdSchellevis
Copy link
Member

Set an expiry date on local passwords and enforce password strength when selected.
@AdSchellevis AdSchellevis added the feature Adding new functionality label Mar 9, 2018
@AdSchellevis AdSchellevis self-assigned this Mar 9, 2018
AdSchellevis added a commit to opnsense/docs that referenced this issue Mar 11, 2018
@AdSchellevis
some basic documentation for local password policies, for opnsense/co…
567bc07 
…re#2252
AdSchellevis added a commit that referenced this issue Mar 11, 2018
@AdSchellevis
implement password policies for local accounts. for #2252
dc74006 
This change consists of two components:

1) enforcing the user to change his or her password every x days, when pwd_changed_at is not set or longer ago then specified only access to the password page is prohibited
2) enforce minimal length or complexity settings depending on selected choices
@AdSchellevis
Copy link
Member Author

for reference, setup password constraints
image

@AdSchellevis
Copy link
Member Author

By default the policies will stay disabled in dc74006 so nothing should change for existing and new installs, other then some minor (non functional) cleanups in the authentication flow.

fichtner pushed a commit that referenced this issue Mar 21, 2018
@AdSchellevis @fichtner
implement password policies for local accounts. for #2252
581182c 
This change consists of two components:

1) enforcing the user to change his or her password every x days, when pwd_changed_at is not set or longer ago then specified only access to the password page is prohibited
2) enforce minimal length or complexity settings depending on selected choices

(cherry picked from commit dc74006)
@linuxmail
Copy link

Hello,

is there a roadmap, when this feature would be available for the production release ?

cu denny

@fichtner
Copy link
Member

fichtner commented Apr 13, 2018 via email

@linuxmail
Copy link

hi @fichtner

thanks :-) Is there a configuration file or a doc, what kind of complexity is used ? I mean, I can enable it but I can see (if the password is bad) the rule only on a password change :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AdSchellevis AdSchellevis

Labels
feature Adding new functionality
Milestone
No milestone
Development

No branches or pull requests
3 participants
@linuxmail @fichtner @AdSchellevis