[Openstack-security] [Bug 1461431] Re: Enable admin password complexity verification
Launchpad Bug Tracker
1461431 at bugs.launchpad.net
Sun Aug 30 04:17:33 UTC 2015
[Expired for OpenStack Compute (nova) because there has been no activity
for 60 days.]
** Changed in: nova
Status: Incomplete => Expired
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1461431
Title:
Enable admin password complexity verification
Status in OpenStack Compute (nova):
Expired
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
When performing actions such as create instances, evacuate instances,
rebuild instances, rescue instances and update instances' admin
password. The complexity of user provided admin password has not been
verified. This can cause security problems.
One solution will be adding a configuration option:
using_complex_admin_password = True, if this option is set in
configure file by administrator, then Nova will perform password
complexity checks, the check standards can be set to following the IT
industry general standard, if the provided admin password is not
complex enough, an exception will be throw. If this option is not set
in configure file, then the complexity check will be skipped.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1461431/+subscriptions
More information about the Openstack-security
mailing list