[ZBXNEXT-4029] password complexity requirement support Created: 2017 Aug 15  Updated: 2024 Apr 10  Resolved: 2021 Aug 25

Status: Closed
Project: ZABBIX FEATURE REQUESTS
Component/s: API (A), Frontend (F)
Affects Version/s: 3.4.0rc1
Fix Version/s: 6.0.0alpha1, 6.0 (plan)

Type: New Feature Request Priority: Trivial
Reporter: richlv Assignee: Valdis Murzins
Resolution: Fixed Votes: 13
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File Screenshot 2021-09-01 at 09.05.40.png    
Issue Links:
Causes
Duplicate
is duplicated by ZBXNEXT-4225 There is no strength check on web use... Closed
is duplicated by ZBXNEXT-6673 Stronger internal password policy Closed
Sub-task
depends on ZBX-11897 Passwords containing '@' and a traili... Closed
Team: Team B
Sprint: Sprint 77 (Jun 2021), Sprint 78 (Jul 2021), Sprint 79 (Aug 2021)
Story Points: 5

 Description   

most users know that they should not use short, weak passwords. unfortunately, without any technical restrictions in place, some users still end up with very bad passwords.
in zabbix, there currently are no password complexity requirements. some could be added, possibly with the help of https://github.com/cracklib/cracklib

it has been mentioned that an ldap backend would allow this. unfortunately, ldap is not always a possibility (no access to ldap servers from zabbix or a dedicated system that is not supposed to integrate). additionally, user management becomes complex, as new users cannot be added from zabbix alone anymore.

 Comments   
Comment by Miks Kronkalns [ 2021 Jun 28 ]

Implemented in development branch feature/ZBXNEXT-4029-5.5.

Comment by Miks Kronkalns [ 2021 Jul 26 ]

Updated API documentation:

Comment by Miks Kronkalns [ 2021 Jul 27 ]

Implemented in:

Comment by Valdis Murzins [ 2021 Aug 10 ]

Documentation updated:

Comment by Brian van Baekel [ 2021 Sep 01 ]

I think the implementation is ok, but the first thing that bothers me... inconsistent use of the question marks.

Comment by Nathan Liefting [ 2021 Sep 07 ]

I Agree with Brian, but the new circle question mark is definitely an improvement in my eyes. Perhaps nice to update the one on Latest data.

Comment by Gergely Czuczy [ 2021 Nov 10 ]

May I ask whether we will be able to specify the password complexity requirements in a technically correct way (read: minimum number of entropy bits), or will it be the usual number-of-this-and-that popular thingie?

 

Comment by Alex Kalimulin [ 2021 Nov 11 ]

phoemix, we don't rule out adding the number of entropy bits provided there is enough demand for it. But for now it's only the "popular thingie"

Generated at Thu Apr 03 02:19:43 EEST 2025 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.