Password complexity and max failures attempts
22 views
Skip to first unread message
Brandon Sauvenière (Brandysve)
Apr 6, 2023, 7:20:27 AM4/6/23
to DSpace Technical Support
Hello,
Is it possible to manage the password complexity when user create a password? (ex : min 14 chars with uppercase, lowercase, numbers and special chars).
It there a maximal failures attempts? We're planning to use dspace for our target with +/- 15000 users. We want to be sure that it is safe against attacks.
It is external users so we don't use LDAP, shibboleth, etc...
Thank you :)
Tim Donohue
Apr 13, 2023, 11:54:22 AM4/13/23
to DSpace Technical Support
Hi,
In DSpace 7, you can manage password complexity rules in a configuration. It's controlled by a regex pattern defined here:
In DSpace 7, you can manage password complexity rules in a configuration. It's controlled by a regex pattern defined here:
Some examples of different patterns are given in the comments of that config file.
At this time though there is no "maximum failure" attempt rules for the default password system. I do agree this would be useful enhancement though... so, you are welcome to create a bug ticket regarding this & we'll see if we can locate a volunteer interested in implementing it. https://github.com/DSpace/DSpace/issues
Tim
Reply all
Reply to author
Forward
0 new messages