Details

      Description

      Guacamole currently lacks support for enforcement of password policies within the existing authentication backends. This is not relevant for the backends which are read-only, but definitely makes a difference for the database authentication.

      We should provide password policies in line with current de facto standards. Specifically, the following restrictions need to be supported:

      1. Minimum password age (how long before the password CAN be changed)
      2. Maximum password age (how long before the password MUST be changed)
      3. Minimum password length
      4. Minimum number of character classes:
        1. Uppercase
        2. Lowercase
        3. Symbols
        4. Digits
      5. Must not containing the username
      6. Must not match last N passwords

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mike.jumper Michael Jumper
                Reporter:
                mike.jumper Michael Jumper
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: