[MDEV-9072] MariaDB Community Edition needs password complexity, expiration, and reuse - Jira

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Duplicate
Fix Version/s: N/A
Component/s: Authentication and Privilege System
Labels:
None

Description

In order to comply with common industry security standards, MariaDB needs the following:
1. Password complexity. Require at least 8 characters with 3 of 4 categories (lower case, upper case, numbers, special characters).
2. Password Expiration: Able to set a password expiration for user account.
3. Password Reuse: Prevent reuse of password based on number of days.

Attachments

Issue Links

duplicates

MDEV-9244 Add password auto expiration option and history password control feature

Closed

is duplicated by

MDEV-6431 password validation

Closed

MDEV-7597 Expiration of user passwords

Closed

MDEV-9245 password "reuse prevention" validation plugin

Closed

Activity

Ascending order - Click to sort in descending order

Sergei Golubchik added a comment - 2015-11-02 23:04

"Password complexity" task is delegated in MariaDB 10.1 to password validation plugins. In particular, the rule like "at least 8 characters with 3 of 4 categories" can be done with the simple_password_check plugin.
"Password expiration" checks are not supported in MariaDB 10.1. They can be implemented in 10.2 though. See ~~MDEV-7597~~.
"Password reuse" prevention can be easily implemented as a password validation plugin in MariaDB 10.1. But we don't ship a ready-to-use plugin for it yet.

Sergei Golubchik added a comment - 2015-11-02 23:04 "Password complexity" task is delegated in MariaDB 10.1 to password validation plugins . In particular, the rule like "at least 8 characters with 3 of 4 categories" can be done with the simple_password_check plugin. "Password expiration" checks are not supported in MariaDB 10.1. They can be implemented in 10.2 though. See MDEV-7597 . "Password reuse" prevention can be easily implemented as a password validation plugin in MariaDB 10.1. But we don't ship a ready-to-use plugin for it yet.

Sergei Golubchik added a comment - 2015-11-04 13:47

This issue is, in fact, three different issues, where the first one — ~~MDEV-6431~~ — is already completed, the second — ~~MDEV-7597~~ — will probably be in 10.2, and the third is basically covered by ~~MDEV-6431~~, but we don't have a ready-to-use plugin for it.

Thus I'm closing this issue as a duplicate of ~~MDEV-6431~~ and ~~MDEV-7597~~. Shall I create a new issue for a password reuse prevention plugin?

Sergei Golubchik added a comment - 2015-11-04 13:47 This issue is, in fact, three different issues, where the first one — MDEV-6431 — is already completed, the second — MDEV-7597 — will probably be in 10.2, and the third is basically covered by MDEV-6431 , but we don't have a ready-to-use plugin for it. Thus I'm closing this issue as a duplicate of MDEV-6431 and MDEV-7597 . Shall I create a new issue for a password reuse prevention plugin?

Sergei Golubchik added a comment - 2015-12-07 15:20

Created ~~MDEV-9245~~ — password "reuse prevention" validation plugin

Sergei Golubchik added a comment - 2015-12-07 15:20 Created MDEV-9245 — password "reuse prevention" validation plugin

People

Assignee:: Unassigned

Reporter:: Andy Ferretti

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2015-11-02 21:48

Updated:: 2015-12-07 15:20

Resolved:: 2015-11-04 13:51

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server