DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=35540>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=35540 Summary: create 5 or more password-policy validators Product: Commons Version: unspecified Platform: Other OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Validator AssignedTo: commons-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] besides the already existing length-check, the following (server-side only as per bug 12473 - although most sites tell a cracker on their registration pages in plain english anyway what the minimum policy is) validators would be useful: - require capital letter - require a non-captial letter - require a number - require a special character. Furthermore there should be combination-validators, e.g. one would use the above four to implement a "2 out of 4" rule. Most government uses require something alike, e.g. as per http://www.isb.admin.ch/imperia/md/content/sicherheit/informatiksicherheit/sicherheitsweisungen/anhang1_d.pdf, item 2.4 (German) -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]