User Authentication - password requirements #926
Labels
API
Related to the backend api server written in Go
discussion
Raises questions that are up for discussion
feature
A new idea or feature
UI
Related to the frontend web ui written in Javascript
Is your feature request related to a problem? Please describe.
With #918 & #828 and off various other discussions it has been identified that there is a requirement for password a password policy which will allow an admin to set a series of rules for the password to be verified against.
Describe the solution you'd like
At a high level this feature should implement a PasswordPolicy struct which contains options for the following;
Implementing these features will allow an admin to define a policy for password complexity that a user must follow. This should be stored in the database and a check done on the setting of user passwords before encryption to ensure that it meets the current policy. We could do more here which is open for discussion such as enforcing policies at login so if a change to the policy has been made if on login the user's password doesn't match the requirements they will be made to change it.
The text was updated successfully, but these errors were encountered: