Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-6554

Password security compliance check

Details

    • Task
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Duplicate
    • N/A
    • Plugins
    • None

    Description

      Hi All,
      as per enterprise security requirements I just wanted to ask, if it's possible to extend the complexity policies to meet certain password requirements like:
      enforce password expiration period, like configurable parameter of the password policy? After a certain amount of time password expires and got invalidated?

      In addition to, in order to be fully security compliant, previous passwords should be saved in order to enforce user not to repeat previous N passwords. That feature currently can be implemented using triggers, however superuser always has possibility to replace or change trigger, so embedded mechanism would be preferable =)

      Thank you!

      Attachments

        Issue Links

          is duplicated by

          Task - A task that needs to be done. MDEV-7597 Expiration of user passwords

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Task - A task that needs to be done. MDEV-7598 Block user accounts after failed login attempts

          • Major - Major loss of function.
          • Closed
          relates to

          Task - A task that needs to be done. MDEV-6431 password validation

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            serg Sergei Golubchik added a comment -

            Password expiration: yes, possible. I've put a tentative version of 10.2, but this can be changed.

            To save previous passwords — a password validation plugin (MDEV-6431) can easily do that. But it might require support for multiple password validation plugins.

            serg Sergei Golubchik added a comment - Password expiration: yes, possible. I've put a tentative version of 10.2, but this can be changed. To save previous passwords — a password validation plugin ( MDEV-6431 ) can easily do that. But it might require support for multiple password validation plugins.
            colin Colin Charles added a comment -

            As a design note, Adam Scott (adam.c.scott@gmail.com) on the mailing list says:
            For MDEV-6554 you may want to add the ability to prevent 3 or more repeating characters and not match the account id.

            colin Colin Charles added a comment - As a design note, Adam Scott (adam.c.scott@gmail.com) on the mailing list says: For MDEV-6554 you may want to add the ability to prevent 3 or more repeating characters and not match the account id.
            serg Sergei Golubchik added a comment -

            Split and moved to MDEV-7597 and MDEV-7598

            serg Sergei Golubchik added a comment - Split and moved to MDEV-7597 and MDEV-7598

            People

              serg Sergei Golubchik
              trofimal Aleksej Trofimov
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.