provide configurable password policies
Admins should be able to define a password policy to follow by all users of the system.
Updated by Jigal van Hemert over 3 years ago
There are already a couple of extensions that implement this annoying behavior. Perhaps it's better to look for a library that can really calculate the strength of a password/passphrase and show that next to the field with the new password. If that works correctly it might be useful to have a setting for the minimum acceptable strength.
Updated by Benni Mack about 1 year ago
- Category changed from Security to Miscellaneous
I consulted with the security team, and we decided that this won't go into TYPO3 Core, but rather be a standalone extension (as there are multiple extensions out there already). This isn't part of the BSI requirement anymore, and thus does not need to be part of TYPO3 Core.