[ https://issues.apache.org/jira/browse/QPID-8269?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-8269: ----------------------------- Fix Version/s: (was: qpid-java-broker-8.0.0) > [Broker-J] Enforce password complexity in authentication providers managing > credentials > --------------------------------------------------------------------------------------- > > Key: QPID-8269 > URL: https://issues.apache.org/jira/browse/QPID-8269 > Project: Qpid > Issue Type: Improvement > Components: Broker-J > Reporter: Alex Rudyy > Priority: Major > > Validate the password credentials in Qpid authentication providers managing > credentials to meet the following requirements: > * Password length must be greater than predefined minimum password length > limit (8 or 16 characters, by default) > * Passwords included in the predefined blacklist must not be allowed > * Passwords must not include repetitive or sequential patterns of more than 3 > characters > * Passwords must not include the account username > * Password must be comprised of 3 out of the following 4 elements: > ** Lowercase characters (a through z) > ** Uppercase characters (A through Z) > ** Base 10 digits (0 through 9) > ** Special or non-alphanumeric characters (@,#,+,etc) > * Passwords must not be reused the last 12 times > The different password complexity policies can be applied for interactive and > non interactive accounts. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org