1 Topic by dts

  • dts
  • Member
  • Offline
  • Registered: 2013-08-09
  • Posts: 17

Topic: Controlling Password Complexity

==== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 14.04.1LTS
- Related log if you're reporting an issue:
====

I am fine with controlling password complexity in RoundCube, as I do want to encourage more complex passwords. I'd like to be able to set less complex passwords (e.g. ones that do not contain an uppercase letter) when I am in the iRedMail Pro Admin panel. There are times when it's simpler to just let a user have a long password with punctuation, numbers and lower case letters they like rather than fighting with them about uppercase and such.

So, what I'd like is the ability to disable the check for uppercase, punctuation, etc., but keep the length check, or in general offer admins the option to say, "yeah, this isn't the greatest idea, but it's necessary" and have a way to store that password.

Why would I want this? I'm trying to migrate users from another mail system, and trying to avoid more complexity for some users who just can't handle it.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Controlling Password Complexity

You can find default password restrictions in file 'libs/default_settings.py' in iRedAdmin-Pro:

#                                                                                  
# Password restrictions                                                            
#                                                                                  
# Special characters which can be used in password.                                
PASSWORD_SPECIAL_CHARACTERS = """#$%&'"*+-,.:;!<=>?@[]/\(){}^_`~"""                
# Must contain at least one letter, one uppercase letter, one number, one special character
PASSWORD_HAS_LETTER = True                                                                                         
PASSWORD_HAS_UPPERCASE = True                                                      
PASSWORD_HAS_NUMBER = True                                                         
PASSWORD_HAS_SPECIAL_CHAR = True

If you want to modify them, please copy the parameter(s) to iRedAdmin-Pro config file "settings.py" then update it to fit your need.