Project

General

Profile

Actions

Task #2201

closed

Extending password validation by option "must not start/end with something".

Added by Ondrej Husník almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ondrej Husník
Category:
Password
Target version:
Start date:
04/08/2020
Due date:
% Done:

100%

Estimated time:
Owner:

Description

It could be useful to add some more options to configure password policies. It may be e.g. limitation during password validation that it cannot start/end with specific characters.

Actions #1

Updated by Ondrej Husník almost 4 years ago

  • Subject changed from Password policy enhacement to Extending password validation by option "must not start/end with something".
Actions #2

Updated by Vít Švanda almost 4 years ago

  • Target version changed from 10.3.0 to 10.4.0
Actions #3

Updated by Ondrej Husník almost 4 years ago

  • Status changed from New to In Progress
Actions #4

Updated by Ondrej Husník almost 4 years ago

  • % Done changed from 0 to 50
Actions #5

Updated by Ondrej Husník almost 4 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Ondrej Husník to Radek Tomiška
  • % Done changed from 50 to 90
Password policy was extended by a new option allowing to specify list of forbidden characters which password must not start or end with.
These rules are applied on:
  1. Single initial/final character only
  2. This option is available for both validation and generation policies
  3. Are not applied on initial character if prefix option is used (generation only)
  4. Are not applied on final character if suffix option is used (generation only)

Policy for generated passwords is now tested before saving, whether it's possible to generate any password which meets such policy settings.

Please could you provide me a feedback of this task.
https://github.com/bcvsolutions/CzechIdMng/commit/2c55ed821fbcdb9182677920b01f4f33c624709c

section: Password policies, Signs
https://wiki.czechidm.com/devel/documentation/adm/pwd?s[]=%2Apassword%2A&s[]=%2Apolicy%2A
https://wiki.czechidm.com/devel/documentation/security/dev/password-policies?s[]=%2Apassword%2A&s[]=%2Apolicy%2A

Actions #6

Updated by Radek Tomiška almost 4 years ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Radek Tomiška to Vít Švanda
  • % Done changed from 90 to 100

I did test and code review, it works, thx!

I fixed some minor issues from sonar only:
https://github.com/bcvsolutions/CzechIdMng/commit/ca20e0ea4d6c41848bf2d96ddce33d4700adbfa0

Actions #7

Updated by Radek Tomiška almost 4 years ago

  • Assignee changed from Vít Švanda to Ondrej Husník
Actions #8

Updated by Radek Tomiška over 3 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF