1 Topic by sryeddla

  • sryeddla
  • Member
  • Offline
  • Registered: 2024-11-12
  • Posts: 7

Topic: Custom password policy for iredadmin portal

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.7.4
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 22.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi - We have a requirement to implement strong password policy for iredadmin portal login

Requirement:
Password must be checked against a list of commonly used, expected, and compromised passwords. This list may include, but is not limited to, dictionary words, commonly used passwords, repetitive or sequential characters, context-specific words (e.g., company name, application name, or username), and passwords that have been compromised in a known data breach. The application must reject the user's password if found to breached and provide a reason for rejection to the user.

Can you please let us know if there is a way to implement this password checks for iredadmin portal

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,446

Re: Custom password policy for iredadmin portal

Hi,

iRedAdmin(-Pro) doesn't support this.

3 Reply by chris.23lo

  • chris.23lo
  • Member
  • Offline
  • Registered: 2022-06-30
  • Posts: 63

Re: Custom password policy for iredadmin portal

sryeddla wrote:

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.7.4
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: Ubuntu 22.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi - We have a requirement to implement strong password policy for iredadmin portal login

Requirement:
Password must be checked against a list of commonly used, expected, and compromised passwords. This list may include, but is not limited to, dictionary words, commonly used passwords, repetitive or sequential characters, context-specific words (e.g., company name, application name, or username), and passwords that have been compromised in a known data breach. The application must reject the user's password if found to breached and provide a reason for rejection to the user.

Can you please let us know if there is a way to implement this password checks for iredadmin portal

This is Sogo specific.

Doc is for Sogo 5.2
https://www.sogo.nu/files/docs/SOGoInst … -using-SQL

userPasswordPolicy is under section SOGoUserSources of sogo.conf