So the plugin will show the strength AND it will enforce the strength when a user is created or updates his password. Will it be possible for an administrator to disable either of these?
For both of those capabilities is the plugin's behavior configurable for different authentication encoders? That is, could I have one set of rules for the SHA256 authenticator and a different set of rules for the MD5 authenticator? -----Original Message----- From: Damoder Reddy [mailto:damoder.re...@citrix.com] Sent: Friday, July 18, 2014 9:13 AM To: dev@cloudstack.apache.org Subject: Re: [PROPOSAL] Adding a plugin to check the password strength of all users Will show the strength of the password as well. On 18-Jul-2014, at 6:53 pm, Demetrius Tsitrelis <demetrius.tsitre...@citrix.com> wrote: > Will the plugin merely show the strength of the password or will the plugin > prevent the use of weak passwords? > > ________________________________________ > From: Damoder Reddy [damoder.re...@citrix.com] > Sent: Thursday, July 17, 2014 11:02 PM > To: dev@cloudstack.apache.org > Subject: [PROPOSAL] Adding a plugin to check the password strength of > all users > > Hi all, > > I am thinking to add a plugin which enables to check the password strength of > a user while setting/resetting the password for that user. > why as a plugin because different companies may have a different rule sets to > check the password strength. > > The default implementation will have the password strength calculation > based on the following parameters 1. Length of the password 2. Number > of Character Sets involved in the password defined. For ex, Upper Case > Letter, Lower Case letter, Digits and special character set. > > Ay suggestions/Comments? > > Thanks > Damoder
