Details
Description
Feature request @ https://requests.blesta.com/topic/admin-ability-to-config-client-password-requirements
When Plesk provisions accounts, the passwords it generates are not secure enough for Plesk's default password security. The default security of password in Plesk are set as "Strong" with the following definition:
- At least 8 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one digit
- At least one special character
Plesk also has a "Very Strong" password option, that has the following requirements. It may be worth considering generating passwords to meet this standard so that it will be sufficient regardless of the configuration of Plesk:
- At least 16 characters
- Include multiple occurrences of uppercase letters
- Include multiple occurrences of lowercase letters
- Include multiple occurrences of digits
- Include multiple occurrences of special characters
Originally reported here, see also for screenshot of Plesk password strength settings. https://www.blesta.com/forums/index.php?/topic/7633-plesk-module-bugs/
Activity
Paul Phillips
created issue -
Tyson Phillips (Inactive)
made changes -
Field | Original Value | New Value |
---|---|---|
Story Points | 2 |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 1 [ 68 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked higher |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 1 [ 68 ] | 4.6.0 Sprint 2 [ 69 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked lower |
Tyson Phillips (Inactive)
made changes -
Fix Version/s | 4.6.0-b1 [ 11117 ] | |
Fix Version/s | Short Term [ 10800 ] |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 2 [ 69 ] | 4.6.0 Sprint 2, 4.6.0 Sprint 3 [ 69, 79 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked higher |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 2, 4.6.0 Sprint 3 [ 69, 79 ] | 4.6.0 Sprint 2, 4.6.0 Sprint 3, 4.6.0 Sprint 4 [ 69, 79, 80 ] |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 2, 4.6.0 Sprint 3, 4.6.0 Sprint 4 [ 69, 79, 80 ] | 4.6.0 Sprint 2, 4.6.0 Sprint 3, 4.6.0 Sprint 5 [ 69, 79, 81 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked lower |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 2, 4.6.0 Sprint 3, 4.6.0 Sprint 6 [ 69, 79, 81 ] | 4.6.0 Sprint 2, 4.6.0 Sprint 3, 4.6.0 Sprint 6, 4.6.0 Sprint 7 [ 69, 79, 81, 85 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked higher |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked lower |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 2, 4.6.0 Sprint 3, 4.6.0 Sprint 6, 4.6.0 Sprint 7 [ 69, 79, 81, 85 ] | 4.6.0 Sprint 2, 4.7.0 Sprint 1, 4.6.0 Sprint 3, 4.6.0 Sprint 6 [ 69, 76, 79, 81 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked lower |
Tyson Phillips (Inactive)
made changes -
Fix Version/s | 4.6.0-b1 [ 11117 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked higher |
Tyson Phillips (Inactive)
made changes -
Description |
When Plesk provisions accounts, the passwords it generates are not secure enough for Plesk's default password security. The default security of password in Plesk are set as "Strong" with the following definition:
* At least 8 characters * At least one uppercase letter * At least one lowercase letter * At least one digit * At least one special character Plesk also has a "Very Strong" password option, that has the following requirements. It may be worth considering generating passwords to meet this standard so that it will be sufficient regardless of the configuration of Plesk: * At least 16 characters * Include multiple occurrences of uppercase letters * Include multiple occurrences of lowercase letters * Include multiple occurrences of digits * Include multiple occurrences of special characters Originally reported here, see also for screenshot of Plesk password strength settings. https://www.blesta.com/forums/index.php?/topic/7633-plesk-module-bugs/ |
Feature request @ https://requests.blesta.com/topic/admin-ability-to-config-client-password-requirements
When Plesk provisions accounts, the passwords it generates are not secure enough for Plesk's default password security. The default security of password in Plesk are set as "Strong" with the following definition: * At least 8 characters * At least one uppercase letter * At least one lowercase letter * At least one digit * At least one special character Plesk also has a "Very Strong" password option, that has the following requirements. It may be worth considering generating passwords to meet this standard so that it will be sufficient regardless of the configuration of Plesk: * At least 16 characters * Include multiple occurrences of uppercase letters * Include multiple occurrences of lowercase letters * Include multiple occurrences of digits * Include multiple occurrences of special characters Originally reported here, see also for screenshot of Plesk password strength settings. https://www.blesta.com/forums/index.php?/topic/7633-plesk-module-bugs/ |
Jonathan Reissmueller
made changes -
Assignee | Jonathan Reissmueller [ jonathan ] |
Automated transition triggered when Jonathan Reissmueller created a branch in Stash -
Status | Open [ 1 ] | In Progress [ 3 ] |
Jonathan Reissmueller
made changes -
Remaining Estimate | 0 minutes [ 0 ] | |
Time Spent | 1 hour, 19 minutes [ 4740 ] | |
Worklog Id | 12378 [ 12378 ] |
Automated transition triggered when Jonathan Reissmueller created pull request #9 in Stash -
Status | In Progress [ 3 ] | In Review [ 5 ] |
Resolution | Fixed [ 1 ] |
Tyson Phillips (Inactive)
made changes -
Fix Version/s | 4.7.0-b1 [ 11123 ] |
Tyson Phillips (Inactive)
made changes -
Sprint | 4.6.0 Sprint 2, 4.7.0 Sprint 1, 4.6.0 Sprint 3, 4.6.0 Sprint 6 [ 69, 76, 79, 81 ] | 4.6.0 Sprint 2, 4.7.0 Sprint 1, 4.6.0 Sprint 3, 4.6.0 Sprint 6, 4.7.0 Sprint 2 [ 69, 76, 79, 81, 87 ] |
Tyson Phillips (Inactive)
made changes -
Rank | Ranked higher |
Jonathan Reissmueller
made changes -
Time Spent | 1 hour, 19 minutes [ 4740 ] | 3 hours, 35 minutes [ 12900 ] |
Worklog Id | 12429 [ 12429 ] |
Automated transition triggered when Tyson Phillips (Inactive) merged pull request #9 in Stash -
Status | In Review [ 5 ] | Closed [ 6 ] |