Feature #21659
closed
Introduce Password Policies
Added by Nikolas Hagelstein over 14 years ago.
Updated about 7 years ago.
Description
Currently there is no way to configure a minimum strengh of passwords within the password change dialog.
Suggestion:
Add a configurable way to specify a minimum password strengh: lenght, complexity, special characters etc.
(issue imported from #M12722)
I think this can be done by an extension. Although this would be a neat feature, I don't see the big need to have it in core.
EDIT: As you can see in the related BT entries, there are various wishes, what can be done with passwords and failed logins. Having all this in core might be overkill.
What you could add would be a nice bar which changes its color from red over yellow to green when entering the password.
- Target version deleted (
0)
- Description updated (diff)
- Category set to Backend User Interface
- Status changed from New to Accepted
- TYPO3 Version set to 7
- PHP Version changed from 4.3 to 5.5
- Is Regression set to No
- Category changed from Backend User Interface to Security
The core is currently lacking the possibility to configure password policies.
This however is considered a requirement in many large scale projects and has been reported as lacking several times already.
A first step could be to introduce a min length property in TCA for input fields
- Subject changed from Secure the BE login - Prevent the user from using weak passwords to Introduce Password Policies
- Tracker changed from Bug to Feature
- Target version set to 9 LTS
- Related to Feature #80793: provide configurable password policies added
- Status changed from Accepted to Closed
- Target version deleted (
9 LTS)
I close this issue in favor of #80793 , please continue the discussion there, thank you.
I have added there a reference to this issue to keep track of it
If you think that this is the wrong decision, then please reopen it or open a new ticket and add a relation to this ticket number.
Also available in: Atom
PDF