swauth (feature request) allow multiple passwords per user to enable credential rotation

(feature request) allow multiple passwords per user to enable credential rotation

Open maplebed opened this issue 12 years ago • 2 comments

In order to change a user's password when the clients are distributed and the system is under production load, it is useful to be able to manage multiple passwords per user, to enable a phased change.

create new password
change clients configuration
revoke old password

Amazon describes this process here: http://docs.amazonwebservices.com/AWSSecurityCredentials/1.0/AboutAWSCredentials.html#CredentialRotation

Feb 29 '12 18:02 maplebed

This is a neat idea, since it's been awhile I might point out the swift "recently" added support for temp-url-key rotation:

http://docs.openstack.org/developer/swift/misc.html#module-swift.common.middleware.tempurl

^ search for "Key-2"

Tempurl doesn't really solve everything, but it can suite many use cases. e.g.

http://torgomatic.us/blog/2013/05/09/tempurl-tricks-write-only-access-for-backups/

Jan 24 '14 08:01 clayg

moved here: https://bugs.launchpad.net/swauth/+bug/1516983

Nov 17 '15 11:11 onovy

swauth swauth copied to clipboard

(feature request) allow multiple passwords per user to enable credential rotation

swauth
swauth copied to clipboard