[rt-users] p*a*s*s*w*o*r*d quality enforcement?
Matt Zagrabelny
mzagrabe at d.umn.edu
Fri Jul 17 10:05:49 EDT 2015
On Fri, Jul 17, 2015 at 6:55 AM, Václav Ovsík <vaclav.ovsik at i.cz> wrote:
> Hi,
> is there any way to set password quality enforcement better then its
> minimal length ($MinimumPasswordLength)?
There is a BeforeUpdate callback in
share/html/Admin/Users/Modify.html. Without looking deeper at the code
I don't know if that will also catch "new" user creation.
You'd have to write a little bit of code and put it in the callback
and fail accordingly if the password didn't meet your requirements.
> I mean something like
> http://sourceforge.net/projects/cracklib
> http://www.openwall.com/passwdqc/
> or so.
>
> Tried Anyone John The Ripper successfully with RT password hashes?
We use an SSO in front of RT - so no need to have local hashes.
-m
More information about the rt-users
mailing list