Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Enforce stronger password requirements for non-2FA users #1027

Open
cotosso opened this issue Jan 15, 2025 · 1 comment
Open

Enforce stronger password requirements for non-2FA users #1027

cotosso opened this issue Jan 15, 2025 · 1 comment
Milestone
NethSecurity 8.5

Comments

@cotosso
Copy link
Contributor

cotosso commented Jan 15, 2025

If 2FA is not enabled, users are required to use strong passwords, with a minimum length of 14 characters in certain situations to ensure adequate security.

Proposed Improvements

Enforce a minimum password length of 14 characters for non-2FA users.
Make the minimum password length configurable via CLI to allow flexibility for future requirements.
@cotosso cotosso moved this to ToDo 🕐 in NethSecurity Jan 15, 2025
@cotosso cotosso added this to the NethSecurity 8.5 milestone Jan 15, 2025
@gsanchietti
Copy link
Member

A correct password validation for such usage scenario requires a new API inside the api-server and must be implemented after: #1023

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
NethSecurity
Status: ToDo 🕐
Milestone
NethSecurity 8.5
Development

No branches or pull requests
2 participants
@gsanchietti @cotosso