.. in accordance with current NIST recommendations [0]. It's 2024; so reasonable to expect an 8-character-password at the minimum.
[0] https://pages.nist.gov/800-63-4/sp800-63b.html#passwordver Signed-off-by: Christoph Heiss <c.he...@proxmox.com> --- Changes v1 -> v2: * rebased on latest master * adapted html templates Proxmox/Sys.pm | 5 +++++ html/pbs/passwd.htm | 2 +- html/pmg/passwd.htm | 2 +- html/pve/passwd.htm | 2 +- proxinstall | 7 +++++-- 5 files changed, 13 insertions(+), 5 deletions(-) diff --git a/Proxmox/Sys.pm b/Proxmox/Sys.pm index afc6780..b10deb7 100644 --- a/Proxmox/Sys.pm +++ b/Proxmox/Sys.pm @@ -7,3 +7,8 @@ use warnings; # https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address # Using that /should/ cover all possible cases that are encountered in the wild. our $EMAIL_RE = '^[a-zA-Z0-9.!#$%&\'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$'; + +# Minimum password length for the root account. +# See also https://pages.nist.gov/800-63-4/sp800-63b.html#passwordver for the +# recommendation. +our $ROOT_PASSWORD_MIN_LENGTH = 8; diff --git a/html/pbs/passwd.htm b/html/pbs/passwd.htm index d331b28..f275a6f 100644 --- a/html/pbs/passwd.htm +++ b/html/pbs/passwd.htm @@ -27,7 +27,7 @@ <tr> <td valign="top" width="30"><img src="plus.png"></td> <td valign="top"><b>Password:</b> - Please use a strong password. It should be at least 8 characters long, + Please use a strong password. It must be at least 8 characters long, and contain a combination of letters, numbers, and symbols. <br><br> </td> diff --git a/html/pmg/passwd.htm b/html/pmg/passwd.htm index 3e94480..32b74f9 100644 --- a/html/pmg/passwd.htm +++ b/html/pmg/passwd.htm @@ -27,7 +27,7 @@ <tr> <td valign="top" width="30"><img src="plus.png"></td> <td valign="top"><b>Password:</b> - Please use a strong password. It should have 8 or more characters. + Please use a strong password. It must have 8 or more characters. Also combine letters, numbers, and symbols. <br><br> </td> diff --git a/html/pve/passwd.htm b/html/pve/passwd.htm index 1c7d2fc..b70e37c 100644 --- a/html/pve/passwd.htm +++ b/html/pve/passwd.htm @@ -27,7 +27,7 @@ <tr> <td valign="top" width="30"><img src="plus.png"></td> <td valign="top"><b>Password:</b> - Please use a strong password. It should be at least 8 characters long, + Please use a strong password. It must be at least 8 characters long, and contain a combination of letters, numbers, and symbols. <br><br> </td> diff --git a/proxinstall b/proxinstall index 8168529..2c399d2 100755 --- a/proxinstall +++ b/proxinstall @@ -721,8 +721,11 @@ sub create_password_view { my $t1 = $pwe1->get_text; my $t2 = $pwe2->get_text; - if (length ($t1) < 5) { - Proxmox::UI::message("Password is too short."); + if (length ($t1) < $Proxmox::Sys::ROOT_PASSWORD_MIN_LENGTH) { + Proxmox::UI::message( + "Password too short, must be at least " . + "$Proxmox::Sys::ROOT_PASSWORD_MIN_LENGTH characters long" + ); $pwe1->grab_focus(); return; } -- 2.47.0 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
