Module to manage password complexity
hi all,
I need in my enterprise to force users to choose a password hard to discover. All 'auth' / 'security' module are useless if password is just '1234'. So my questions are :
1/ It seems that there is no module to do that. It isn't ?
2/ Is server-env-tools the good place to do a Merge Proposal ?
3/ Do you know some lib in python to compute / define the complexity of a string ?
4/ Are there some people to work / review that kind of module ?
Quick blueprint of the module :
- create parameters to define a complexity level for password ;
- [optional / second step] set different complexity levels to users. (depending of access right) ; (Exemple : portal user : medium complexity ; accounting users : hard complexity)
- when user changes his password, force the user to tip a complex password ;
- [optional / Second step] when a user logs in, force the user to change his password if it is not complex enough ; (planned incompatility : auth_ldap).
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Sylvain LE GAL (GRAP)
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
