Open prownd opened 1 month ago
Thank you for your contribution!
I'm concerned how well a pwquality will work for VNC passwords, given that they are limited to 8 characters. #370 would probably need to be implemented first. Otherwise the user might come up with a long and secure to keep pwquality happy, but overlook the fact that the actual used password is much shorter.
It should probably also just be a warning when pwquality fails, not an error, given that it is difficult to get a good password with so few characters.
Yes, due to the VNC protocol, the actual length of the VNC password used is 8 characters. The first version I modified did indeed limit the maximum length to 8 characters. However, considering that there has always been no limit on the maximum length when setting passwords, so I removed the limit of 8 characters. According to your suggestion, when pwquality fails, there will only be an alarm prompt. Instead of terminating password settings
Thank you for your contribution!
I'm concerned how well a pwquality will work for VNC passwords, given that they are limited to 8 characters. #370 would probably need to be implemented first. Otherwise the user might come up with a long and secure to keep pwquality happy, but overlook the fact that the actual used password is much shorter.
It should probably also just be a warning when pwquality fails, not an error, given that it is difficult to get a good password with so few characters.
According to your opinion, when setting a password, add an 8-character limit. Can I modify and submit it again or not
Use libpwquality to check password quality and complexity, improving security. The validation rules for libpwquality are as follows:
- The minimum password length is 6 and the maximum is 8
- Password characters repeat once
- At least 3 types of characters are required
- Add i18n internationalization support and Chinese localization translation.
@CendioOssman Could you please take a look and see if there is anything else that needs to be added.
@CendioOssman
I have made modifications according to your suggestions.
Could you please review it to see if it is correct.
Could you please take a moment to review again . @CendioOssman
Add a password complexity strategy for VNC user authentication enhance password quality verification checks, and enhance security
Additionally, Chinese translation has been added