graylog2-server icon indicating copy to clipboard operation
graylog2-server copied to clipboard

Published 20 hours ago verified publisher icon Graylog2

add option for user password rules (complexity/length)

Open jalogisch opened this issue 7 years ago • 4 comments

Expected Behavior

It should be possible to configure rules for the passwords in Graylog to apply local policies to the Graylog local users.

Context

Current Graylog only has 6 character limit on the passwords for local users but did not allow to adjust the rules for user passwords to the local rules. That could be a longer password or a given complexity.

This would add more security and would allow users to apply with auditor given rules and their local Graylog users.

Your Environment

  • Graylog Version: 2.4.6

HS-752580481

jalogisch avatar Nov 14 '18 09:11 jalogisch

Hello guys, is that functionality was added to graylog? Are there any prediction when we will have it? Thanks.

vinnimin avatar Jul 03 '20 13:07 vinnimin

Another user has requested the ability to set password length / complexity / retry attempts.

patrickmann avatar Jan 27 '22 08:01 patrickmann

"Enterprise customer requesting this feature in HS-752580481"

Bernie-at-Graylog avatar Jan 27 '22 21:01 Bernie-at-Graylog

@boosty Ping

bernd avatar Jan 31 '22 13:01 bernd

Enterprise customer requesting this feature in HS-1620760652

StefanTheGerman avatar May 15 '23 06:05 StefanTheGerman

Hi, please add this improvement, it is really necessary in terms of information security, I had to configure an LDAP server to meet security requirements

martinmdp avatar May 21 '24 17:05 martinmdp

Giving this a bump, request from HS-16309434394.

Assuming Graylog can't reach external identity sources then the policy must be able to be set directly on Graylog.

dunn-graylog avatar Jul 10 '24 14:07 dunn-graylog