[freeside-users] Password requirements
Roderick Anderson
raanders42 at gmail.com
Thu Nov 16 18:31:29 PST 2017
On 11/16/2017 05:27 PM, Larry Smith wrote:
> On Thu November 16 2017 17:13, you wrote:
>> Thanks for the info. Only problem is I can't find it. Password-insecure.
>>
>> What I have done is short cut the function in the code. A hammer solution
>> to a screwdriver problem.
>>
>> Rod
>
> Probably my typing, actual parameter is "password-insecure",
> bottom of the Password section of the Configuration Settings
> page.
>
Still no joy. Could my code hack of messed it up? This is version 4.2
Password
passwordmin: Minimum password length (default 6)
3
passwordmax: Maximum password length (default 12) (don't set this over
12 if you need to import or export crypt() passwords)
18
password-noampersand: Disallow ampersands in passwords
NO
password-noexclamation: Disallow exclamations in passwords (Not setting
this could break old text Livingston or Cistron Radius servers)
NO
default-password-encoding: Default storage format for passwords
showpasswords: Display unencrypted user passwords in the backend
(employee) web interface
YES
report-showpasswords: This is a terrible idea. Do not enable it.
STRONGLY NOT RECOMMENDED. Enables display of passwords on services
reports.
NO
security_phrase: Enable the tracking of a "security phrase" with each
account. Not recommended, as it is vulnerable to social engineering.
NO
Thanks for the help.
Rod
--
More information about the freeside-users
mailing list