Uploaded image for project: 'Apache Guacamole - Contributions'
  1. Apache Guacamole - Contributions
  2. GUAC-1546

Add support for password policies

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Done
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: guacamole-auth-jdbc
    • Labels:
    • Sprint:
      DEV 2016-08-30
    • Story Points:
      8

      Description

      Guacamole currently lacks support for enforcement of password policies within the existing authentication backends. This is not relevant for the backends which are read-only, but definitely makes a difference for the database authentication.

      We should provide password policies in line with current de facto standards. Specifically, the following restrictions need to be supported:

      1. Minimum password age (how long before the password CAN be changed)
      2. Maximum password age (how long before the password MUST be changed)
      3. Minimum password length
      4. Minimum number of character classes:
        1. Uppercase
        2. Lowercase
        3. Symbols
        4. Digits
      5. Must not containing the username
      6. Must not match last N passwords

        Attachments

          Activity

            People

            Assignee:
            mike.jumper Michael Jumper
            Reporter:
            mike.jumper Michael Jumper
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: