CSSCurrent en:Password Policy: Unterschied zwischen den Versionen
imported>Rillingf Keine Bearbeitungszusammenfassung |
Keine Bearbeitungszusammenfassung |
||
| Zeile 12: | Zeile 12: | ||
== Passwords must be upper and lower case == | == Passwords must be upper and lower case == | ||
Enable this setting to force upper- and lowercase letters within the password | Enable this setting to force upper- and lowercase letters within the password | ||
== Passwords | == Passwords are not allowed to contain commonly used words (Defined in words.lst) == | ||
Enable this setting to countercheck | Enable this setting to countercheck the password with the dictionary to force users not to use common words inside the password. It is checked if one of the commonly used words is not a '''substring''' of the to-be-tested password. | ||
{{TipBox|title=Customizing the dictionary|content=You can edit the dictionary and add or remove words which will be rejected as passwords | By default, the dictionary consists of German words and is applied independently from the language selected in the User Interface. | ||
{{TipBox|title=Customizing the dictionary|content=You can edit the dictionary and add or remove words which will be rejected as substring of passwords. '''Be aware that the password check only considers words with a minimum length of four letters.''' | |||
You can find the dictionary at: `resources/lang/dict/words.lst` | You can find the dictionary at: `resources/lang/dict/words.lst` | ||
}} | |||
== Commonly used passwords are not allowed as passwords (Defined in most-common-passwords.lst) == | |||
Enable this setting to countercheck the password with the dictionary to force users not to use commonly used passwords as the password. It is checked if one of the most common passwords is '''equal''' to the to-be-tested password. | |||
The dictionary consists of the 10,000 most commonly used passwords on the internet. | |||
{{TipBox|title=Customizing the dictionary|content=You can edit the dictionary and add or remove words which will be rejected as passwords. '''Be aware that the password check only considers words with a minimum length of four letters.''' | |||
You can find the dictionary at: `resources/lang/dict/most-common-passwords.lst` | |||
}} | }} | ||
Aktuelle Version vom 7. August 2025, 06:46 Uhr
Security Requirements for passwords
Passwords must contain numbers
Enable this setting to force digits within the password.
Passwords must contain alphabetical characters
Enable this setting to force alphabetical characters within the password.
Passwords must contain special characters
Enable this setting to force special characters within the password.
Passwords must be upper and lower case
Enable this setting to force upper- and lowercase letters within the password
Passwords are not allowed to contain commonly used words (Defined in words.lst)
Enable this setting to countercheck the password with the dictionary to force users not to use common words inside the password. It is checked if one of the commonly used words is not a substring of the to-be-tested password.
By default, the dictionary consists of German words and is applied independently from the language selected in the User Interface.
Commonly used passwords are not allowed as passwords (Defined in most-common-passwords.lst)
Enable this setting to countercheck the password with the dictionary to force users not to use commonly used passwords as the password. It is checked if one of the most common passwords is equal to the to-be-tested password. The dictionary consists of the 10,000 most commonly used passwords on the internet.
Character repetitions or character sequences are not allowed
Enable this setting to deny the use of character repetitions or sequences within the password. This applies to the following patterns:
|
Sequence Type |
Examples |
|---|---|
| Keyboard Sequences | qwert, asdfg, etc. |
| Alphabetical Sequences | abc, xyz. etc. |
| Numeric Sequences | 123 etc. |
| Character Repetitions | aaa, zzz, 111 etc. |
The patterns mentioned above are recognized as such beginning with a length of three characters.
Minimum/Maximum Password Length
Forces users to use a minimum/maximum number of characters for the password.
Whitespaces within passwords
This setting generally applies and is not visible in the Administration Interface. It forces the users not to use whitespaces within the password, such as 'tab', 'blank space' etc.
Blacklist Characters/Invalid Characters
Characters in this field will not be allowed independently of what has been configured above. If a user enters a password containing one of these characters, the password will not be accepted.
Only for automatically generated passwords
If this option is enabled the blacklist character list will not be taken into consideration for passwords entered manually. Only passwords generated automatically will be affected. This means, that automatically generated passwords won't contain any of the specified characters.