freeipa

Clone
Source Code
GIT

#2445 [RFE] IdM password policy should include checks for repeating characters
Closed: fixed 3 years ago by rcritten. Opened 12 years ago by dpal.

Closed: fixed
Reopen Issue

Policy should allow definition and enforcement of the following password policies:

  • At most N consecutive occurrences of the same character.
  • At most N consecutive increasing or decreasing alphanumeric characters

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=798359

Metadata Update from @dpal:
- Issue assigned to rcritten
- Issue set to the milestone: Ticket Backlog
7 years ago

master:

  • 41021c2 Add LDAP schema for new libpwquality attributes
  • 6b452e5 Extend IPA pwquality plugin to include libpwquality support
  • c03b486 Add new pwpolicy objectclass to test_xmprpc/objectclasses.py
  • 3fc2eda Require libpwolicy and configure it in the build system
  • c4cca53 Extend password policy to evaluate passwords using libpwpolicy
  • 46d0096 Add a unit test for libpwquality-based password policy
  • 6da070e Pass the user to the password policy check in the kdb driver
  • be2efc1 Add a raiseonerr option to ldappasswd_user_change
  • fe44835 ipatests: add test for password policies
  • 68aa7c0 Add SELinux policy so kadmind can read the crackdb dictionary
  • f602da4 Requirements and design for libpwquality integration
  • 5155280 ipatests: Add test_pwpolicy to nightly runs

ipa-4-8:

  • 04c34dc Add LDAP schema for new libpwquality attributes
  • e8232dd Extend IPA pwquality plugin to include libpwquality support
  • 4dcb8d9 Add new pwpolicy objectclass to test_xmprpc/objectclasses.py
  • 734afe3 Require libpwolicy and configure it in the build system
  • 43cdcad Extend password policy to evaluate passwords using libpwpolicy
  • cba86e8 Add a unit test for libpwquality-based password policy
  • d6a8fc2 Pass the user to the password policy check in the kdb driver
  • 676979e Add a raiseonerr option to ldappasswd_user_change
  • 9627ac4 ipatests: add test for password policies
  • 60768b7 Add SELinux policy so kadmind can read the crackdb dictionary
  • 48801cb ipatests: Add test_pwpolicy to nightly runs

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
3 years ago

master:

  • 26b9a69 Wrap libpwquality PKG_CHECK_MODULES in ENABLE_SERVER test

ipa-4-8:

  • 3e51d44 Wrap libpwquality PKG_CHECK_MODULES in ENABLE_SERVER test

Metadata Update from @abbra:
- Custom field changelog adjusted to FreeIPA password quality checking plugin has been extended to use libpwquality library. Password policies can now check for a reuse of a user name, dictionary words using a cracklib package, numbers and symbols replacement and repeating characters in the passwords.
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
enhancement
None
None
IPA
None
0
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=798359
None
FreeIPA password quality checking plugin has been extended to use libpwquality library. Password policies can now check for a reuse of a user name, dictionary words using a cracklib package, numbers and symbols replacement and repeating characters in the passwords.
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.