[SAK-24392] Add password validation when users can set their password - Sakai

XML

Word

Printable

Details

Type: Feature Request
Status: CLOSED
Priority: Major
Resolution: Non-Issue
Affects Version/s: 10.0
Fix Version/s: None
Component/s: Reset Password & Account Validation
Labels:
None

Property addition/change required:

Yes
Previous Issue Keys:
RES-54

Description

If a user is validating their account, when they fill out the password fields, anything gets accepted (ie. their password can be "a").

This patch adds a sakai.property:
account-validator.validate.passwords=[true|false]

When true, it uses an algorithm from OWASP ESAPI to determine if there is sufficient entropy, and also ensures that it differs enough from the user's eid

Gliffy Diagrams

Zeplin

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

RES-54.patch
6 kB
03-Jun-2013 14:45
RES-54.patch
5 kB
31-May-2013 15:32
RES-54.patch
5 kB
10-May-2013 13:25
RES-54.patch
13 kB
29-Apr-2013 15:59
RES-54.patch
18 kB
26-Feb-2013 09:57

Issue Links

depends on

SAK-39378 Supporting kernel features for SAK-24392 (password validation)

CLOSED

is related to

SAK-23568 Add password policy control to the New Account tool

CLOSED

SAK-24427 Improvements to account validator

CLOSED

Activity

People

Assignee:: Aaron Zeckoski (Inactive)

Reporter:: Brian Baillargeon

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 26-Feb-2013 09:56

Updated:: 01-Jul-2014 07:45

Resolved:: 11-Apr-2014 07:15

Details

Description

Gliffy Diagrams

Zeplin

Attachments

Attachments

Issue Links

Activity

People

Dates

Git Integration