password policy

Discussion in 'Installation/Configuration' started by Frans Luteijn, Jul 4, 2023.

  1. Frans Luteijn

    Frans Luteijn New Member

    How can I change the password policy? For an e-mail migration I like to keep the passwords the same and this requires a more relaxed password policy.

    I've seen that in the file interface/lib/classes/validate_password.inc.php the policy is checked and in the file interface/lib/classes/auth.inc.php the policy is determined.

    I've created the file config.inc.local.php with the following content:
    PHP:
    <?php
    $conf
    ['misc']['min_password_length'] = 7;
    $conf['min_password_length'] = 7;
    $conf['misc']['min_password_strength'] = 2;
    $conf['min_password_strength'] = 2;
    ?>
    But that didn't change anything, the message I've got remained the same: "The chosen password does not match the security guidelines. It has to be at least 8 chars in length and have a strength of "Good"."
    I've also added in security/security_settings.ini the following section:
    Code:
    [misc]
    min_password_length=7
    min_password_strength=2
    With no change.
    Remains my question, what settings do I need to change without modifying the code to get a more relaxed password policy.

    Thanks in advance.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    System > Interface > Main config > Misc
     
  3. Frans Luteijn

    Frans Luteijn New Member

    Thanks, this solved my problem. And gives me more understanding how things should be configured.
     

Share This Page