Password Complexity Requirements

Post here if you have some suggestions or you want to request a new feature.
Post Reply
matt631
Posts: 4
Joined: Fri Aug 12, 2011 11:17 am

Password Complexity Requirements

Post by matt631 »

The ability to enforce some password complexity requirements for adding new users would be a nice feature.. I take it nothing like this already exists / can be implemented by editing the code?
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Password Complexity Requirements

Post by FTP »

OK, we will consider it.
niqbert
Posts: 18
Joined: Mon Jul 11, 2011 1:06 pm

Re: Password Complexity Requirements

Post by niqbert »

Any idea if and when "Create random Password" could be customizable?

Would be great if we can specify amount of total characters and minimal 1 alphanumric, 1 non-alphanumric, 1upper/lowercase, etc

Like: "Ab12!@=-"
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Password Complexity Requirements

Post by FTP »

Yes, you can modify the related javascript by yourself,
just modify the file "webadmin/admin_adduser_form2.html", replace line 1568 to line 1578 with the following script:

Code: Select all

var charArray = ['0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','~','!','@','#','$','%','^','&','*','(',')','-',"_"];
function generateRandom(len) 
{
    len = 12;
    var result = "";
    for(var i=0; i<len; i++) 
    {
        var index = Math.ceil(Math.random()*72);
        result += charArray[index];
    }
    return result;
}
niqbert
Posts: 18
Joined: Mon Jul 11, 2011 1:06 pm

Re: Password Complexity Requirements

Post by niqbert »

Thanks for the update,
the change in javascript code works good for me in v4.0.9!
Mwaters
Posts: 6
Joined: Tue Mar 05, 2013 7:47 pm

Re: Password Complexity Requirements

Post by Mwaters »

While this is great for new users and creating a new password for them, I would like to see the ability to require similar complexity requirements for users when they change their own passwords. I would also like to see something like "User cannot use any of their last [n] passwords" as well as being able to stipulate the minimum amount of time a password must be used before a change is permitted by the user(Minimum Password Age).
Mwaters
Posts: 6
Joined: Tue Mar 05, 2013 7:47 pm

Re: Password Complexity Requirements

Post by Mwaters »

Just noticed that the "Quick Add" user dialog does not adhere to the same password complexity requirements as the conventional Add User method. Would I need to make the same sort of edits to the "admin_adduser_form.html" file as I did to the "admin_adduser_form2.html" file as explained in an earlier post in this thread?
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Password Complexity Requirements

Post by FTP »

Mwaters wrote:Just noticed that the "Quick Add" user dialog does not adhere to the same password complexity requirements as the conventional Add User method. Would I need to make the same sort of edits to the "admin_adduser_form.html" file as I did to the "admin_adduser_form2.html" file as explained in an earlier post in this thread?

Yes, just modify those two files.
FTP
Site Admin
Posts: 2072
Joined: Tue Sep 29, 2009 6:09 am

Re: Password Complexity Requirements

Post by FTP »

You can upgrade to the version 4.3.3, now it supports password complexity.
Post Reply