Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-11309

Give the possibility to pick the password security level



    • New Feature
    • Resolution: Fixed
    • Major
    • 11.9
    • 6.2
    • Administration
    • None
    • Integration
    • Unknown



      • We need to review our way of checking the password so it can be the right time to add a new functionality
      • Other Intranet application come with a stronger password than 6 letter minimum since password are generated by the tool directly including special chars, caps, ...
      • XWiki prone to say that it's a secure tool and users love to see security options to be aware of it.


      • Give the admin the possibility to pick the security level for passwords in using a specific list of prepared case which does not involve any regex writing or script modification but only checkboxes.


      • Add a menu in administration labelled "Password validation"
      • The page will display checkboxes in front of different checks which can be done with regex.
        • Password must be at least "LIST" character long => Is checked by default with "6" picked
          • options : 6, 8, 10, 12
        • Password need minimum one capital character
        • Password need minimum one numeric character
        • Password need minimum one special character (non alpha-numerical character)

      If the admin change this after that a user has been created, we won't bother the user but if at some point he wants to change he ill be force to fill the new conditions.

      Proposal plus 1

      • An other option would be to force all passwords to be random and created by the tool in respecting the selected rules and sent by emails.

      Proposal plus 2

      • An other option could be to give a custom regex check. In that case we'll need also to add a field to set the error message manually since it also has to be custom.


        Issue Links



              surli Simon Urli
              jcoury Jean Coury
              0 Vote for this issue
              2 Start watching this issue