<div style="color:#000; font-size: 14px;font-family: arial;"><div><div> 在2013年12月31 03时15分,"Brant Knudson"<blk@acm.org>写道:</div><blockquote id="isReplyContent" style="padding-left:1ex; margin: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><br> <div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Dec 30, 2013 at 12:55 AM, li-zheming <span dir="ltr"><<a href="mailto:li-zheming@163.com" target="_blank">li-zheming@163.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>hi all:<br> when create user, you can set user password. You can set password as a simple word 'a'. the<br>password is too simple but not limit. if someone want to steal your password, it is so easily(such as <span>exhaustion</span>).<br>I consider that it must be limited when set password, like this:<br> 1. inlcude uppper and lower letters<br> 2. include nums<br> 3. include <span>particular</span> symbol,such as '_','&' <br> 4. the length>8<br>administor can set the password rule. <br><br>I want to provide a BP about this issue. can you give me some advice or ideas??<br>thanks!<br> lizheming<br><br></div></blockquote></div></div><div class="gmail_extra"><br>I'd
prefer it if we didn't reinvent this wheel ourselves. If customers need
to enforce password strength, expiration, history, user lockout, etc,
then they should store users in an LDAP directory that supports these
things and configure Keystone to use that.<br><br></div><div class="gmail_extra">- Brant<br><br></div></div><br></blockquote></div></div><div> hi brant:<br> I am sorry, I may be not understand how "store users in an LDAP directory that supports these
things and configure Keystone to use that". Is there some configure in keystone?<br></div><!-- jy5ContentSuffix -->