Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

Vesta password policy

https://forum.vestacp.com/viewtopic.php?f=10&t=18734

Page 1 of 1

Vesta password policy

Posted: Sat May 25, 2019 8:05 am
by mlopez
1. Where can I find and how can I modify passwords policies, I mean, the constraints/restrictions applied to passwords for mail accounts when entered in panel?

2. Is there a way to raise the number of characters of generated passwords?

Thank you
ML

Re: Vesta password policy

Posted: Tue May 28, 2019 11:15 am
by skurudo
/root/vesta/func/main.sh

Code: Select all

# Random password generator
generate_password() {
    matrix=$1
    lenght=$2
    if [ -z "$matrix" ]; then
        matrix=0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
    fi
    if [ -z "$lenght" ]; then
        lenght=10
    fi
    i=1
    while [ $i -le $lenght ]; do
        pass="$pass${matrix:$(($RANDOM%${#matrix})):1}"
       ((i++))
    done
    echo "$pass"
}

Re: Vesta password policy

Posted: Tue May 28, 2019 6:00 pm
by mlopez
Thank you, skurudo, but the web-interface has no restrictions at all! You can add a one character password for email accounts, i.e.
And also you can add an email account from cli using this:

Code: Select all

v-add-mail-account myuser example.com peter e

Re: Vesta password policy

Posted: Wed May 29, 2019 7:16 am
by skurudo
mlopez wrote:
Tue May 28, 2019 6:00 pm
 Thank you, skurudo, but the web-interface has no restrictions at all! You can add a one character password for email accounts,
mlopez, some admins/users like simple stuff.. do you think we should resrict all like Apple? It's a choice for everyone.

Re: Vesta password policy

Posted: Wed May 29, 2019 11:22 pm
by mlopez
skurudo wrote:
Wed May 29, 2019 7:16 am
 mlopez, some admins/users like simple stuff.. do you think we should resrict all like Apple? It's a choice for everyone.
No way! I think that, as a security measure Vesta CP should offer a way for the administrator to set the passwords restrictions for users.
Hosting (final) users don't necessarily know or care about server security or passwords policies, but in order to accomplish standard security procedures, as a sysadmin I must establish them. Dont' you think, skurudo?

Anyway, where can I add this password restrictions?

Thank you for your attention!
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/