On Sat, Jul 28, 2012 at 3:18 PM, Douglas Hubler <dhub...@ezuce.com> wrote:
> On Fri, Jul 27, 2012 at 4:43 PM, Mircea Carasel <mirc...@ezuce.com> wrote: > > 2.Default value - persisted policy, and the user will enter what default > > values would like for voicemail pin or password - these values will be > > persisted as well in global settings > > As long as sipxecs/openuc doesn't ship with a well known default > password. Hackers would write scripts to test logins with those > passwords. If the feature didn't work until an admin specified a > default password, that would be fine. > Yes, so when sipxecs is shipped, there won't be any default password set. The admin is the only that can specify the default password When sipxecs is shipped, the default policy will be blank password (admin will have to write passwords) Other thing that we can do is to drop default password thing, and the default password policy just to enable a rule of creating passwords, for example: extension followed by character 0 up to 4 characters for voicemail pin, up to 8 characters for password I am thinking to add a new page in UI, under Users menu called Password Policy, for these global settings management. what do you guys think? thanks Mircea > _______________________________________________ > sipx-users mailing list > sipx-users@list.sipfoundry.org > List Archive: http://list.sipfoundry.org/archive/sipx-users/ >
_______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users/
