search

archimatetool / archi-modelrepository-plugin

coArchi - a plug-in to share and collaborate on Archi models.
152 stars 52 forks source link

Add primary key password complexity constraints #156

Closed jbsarrodie closed 3 years ago

jbsarrodie commented 3 years ago

It would be good to be able to force people to use a primary key password which is complex enough to be really secure. This could be done by checking :

I think we could define minimum values for each of them through preferences that can be set only in a preference file and not through UI (like updateURL and downloadURL). Of course, setting them all to 0 (which would be the default) would simply allow any kind of password (equal to what we have now).

Phillipus commented 3 years ago

This is ready for testing now.

Password constraints can be set in plugin_customization.ini as, for example:

org.archicontribs.modelrepository/passwordMinLength=10
org.archicontribs.modelrepository/passwordMinLowerCase=2
org.archicontribs.modelrepository/passwordMinUpperCase=2
org.archicontribs.modelrepository/passwordMinDigits=2
org.archicontribs.modelrepository/passwordMinSpecialChars=2

passwordMinLength is over-ridden by the sum of the other constraints if the sum of them is greater. Or it can be left out if the sum of the other constraints is sufficient for passwordMinLength

jbsarrodie commented 3 years ago

I've just tested and that's perfect, so closing this.