I want to
a) enforce custom minimum password complexity requirements
b) enable zero length passwords
Ideally, password complexity requirement would be linked to group membership.
I understand that using external authentication would allow this however the application is for a site which would not otherwise require a directory service and many users would be external to the host organisation. And additionally, internal users WILL be configured for auth in MS AD.
Hello Nic,
It looks like this question has been asked a couple times on Answer before.
https://answers.atlassian.com/questions/19518/password-complexity-within-confluence
https://answers.atlassian.com/questions/8838/how-to-force-users-to-use-strong-password
Both of these cases cite an old Adaptavist Plugin (User Security Management) that I am no able to locate any longer.
I went ahead and filed the following feature request on your behalf.
https://jira.atlassian.com/browse/CONF-27986
Please go ahead and vist this issue and vote on it. The more visitbility we can garner for this issue means the more likely our developers are to include it in a future release of Confluence. I have attached this post to further incease it's visibility.
Thanks Daniel. I too found the Adaptivist links, but nothing at Adaptivist site now refers. I think that there are two distinct issues here and your proposed feature request addresses one of them; the other is documentation - i.e. I can't find anywhere a description of what the current system actually requires in terms of password complexity, and I suggest that along side that missing documentation should be the statement that currently there is no way to configure any variation in that policy.
Assuming that is a correct statement, I'm happy to close the query?
nic
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nic,
There is currently no complexity requirement for Confluence. If this feature is implemented we will need to document how to set and enforce this requirement. I will add a private comment about making sure we document this functionality once it is relased.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Wasn't sure what you meant by 'no complexity requirement'. But by experiment I discover that even a single character is allowed! But not null. That is what I mean by the complexity requirement. Though it is certainly minimal!
thanks and signing off
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Who doesn’t love a good template? We sure do! Check out our top template picks for Marketing teams who want to streamline their processes, enhance collaboration, and take their marketing to new heights.
Read more 📚Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.