https://tracker.ceph.com/https://tracker.ceph.com/favicon.ico2019-07-03T09:34:22ZCeph Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1400052019-07-03T09:34:22ZTatjana Dehler
<ul><li><strong>Assignee</strong> set to <i>Tatjana Dehler</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1400962019-07-04T12:52:33ZTatjana Dehler
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/140096/diff?detail_id=141526">diff</a>)</li></ul><p>My current idea:</p>
<ol>
<li>How to configure the expiration date (admin perspective)<br />A new setting <em>USER_PWD_EXPIRY_SPAN</em> will be added to <em>settings.py</em>. By default the value will be set to 0, which means the user passwords are never going to expire. The admin can configure this setting on command line (as a first step, would be great to integrate it into a configuration page at a later point of time) and set the amount of days to expire the password. </li>
<li>How to check if the password is expired (internal implementation)<br />A new attribute <em>lastPwdUpdate</em> (unix timestamp) will be added to the <em>user</em> class in <em>access_control.py</em>. When a user logs in and the <em>USER_PWD_EXPIRY_SPAN</em> is defined, the current time will be compared with the <em>lastPwdUpdate</em> value. If (<em>current_time</em> - <em>lastPwdUpdate</em>) < <em>USER_PWD_EXPIRY_SPAN</em> nothing happens. If (<em>current_time</em> - <em>lastPwdUpdate</em>) >= <em>USER_PWD_EXPIRY_SPAN</em> the user will be asked to set a new password. After that <em>lastPwdUpdate</em> will be set to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here.</li>
<li>How the user gets notified about it<br />When a user tries to log in, he gets notified about the expired password on the login page. He'll be asked to set a new password which will also update the <em>lastPasswordUpdate</em> field to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here as well.</li>
</ol>
<p>Any further ideas/comments?</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1400982019-07-04T13:57:38ZRicardo Diasrdias@suse.com
<ul></ul><p>Tatjana Dehler wrote:</p>
<blockquote>
<p>My current idea:</p>
<ol>
<li>How to configure the expiration date (admin perspective)<br />A new setting <em>USER_PWD_EXPIRY_SPAN</em> will be added to <em>settings.py</em>. By default the value will be set to None, which means the user passwords are never going to expire. The admin can configure this setting on command line (as a first step, would be great to integrate it into a configuration page at a later point of time) and set the amount of days to expire the password.</li>
</ol>
</blockquote>
<p>This means that the expiration span will be the same for all users. I'm not sure about the requirements for this feature, but we could easily define a different expiration span for each user by using a "pwdExpirySpan" attribute in the user profile. We could still have a <em>USER_PWD_DEFAULT_EXPIRY_SPAN</em> as a default value, if the admin wants the same for every user.</p>
<blockquote>
<ol>
<li>How to check if the password is expired (internal implementation)<br />A new attribute <em>lastPwdUpdate</em> (unix timestamp) will be added to the <em>user</em> class in <em>access_control.py</em>. When a user logs in and the <em>USER_PWD_EXPIRY_SPAN</em> is defined, the current time will be compared with the <em>lastPwdUpdate</em> value. If (<em>current_time</em> - <em>lastPwdUpdate</em>) < <em>USER_PWD_EXPIRY_SPAN</em> nothing happens.</li>
</ol>
</blockquote>
<p>I would use a "pwdExpirationDate" that would be set upon password change, and this allows to do a simpler comparison on login: _current_time < pwdExpirationDate</p>
<blockquote>
<p>If (<em>current_time</em> - <em>lastPwdUpdate</em>) >= <em>USER_PWD_EXPIRY_SPAN</em> the user will be asked to set a new password. After that <em>lastPwdUpdate</em> will be set to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here.</p>
</blockquote>
<p>I think we cannot request the user to change the password when the password expires because of security implications. Imagine the case of an attack that steals a list of active passwords. Then if the user did not change the password before the expiration data, the attacker can do the login in the system with the expired password, and the system will allow the attacker to change the password.</p>
<p>I think the correct approach here is to lock down the account when the password expires. Therefore the user should change the password before the current password expires.<br />If the user does not change the password in time, it must request the Administrator to enable the account with a new password.</p>
<blockquote>
<ol>
<li>How the user gets notified about it<br />When a user tries to log in, he gets notified about the expired password on the login page. He'll be asked to set a new password which will also update the <em>lastPasswordUpdate</em> field to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here as well.</li>
</ol>
<p>Any further ideas/comments?</p>
</blockquote>
<p>I think we should issue a warning upon login a few (configurable) days before the password expires so that the user has the time to change the password.</p>
<p>Also, this feature can only be implemented after <a class="external" href="https://tracker.ceph.com/issues/40248">https://tracker.ceph.com/issues/40248</a> is resolved, otherwise users will not be able to change their passwords.</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1400992019-07-04T14:03:14ZPatrick Seidensal
<ul></ul><p>Ricardo Dias wrote:</p>
<blockquote>
<p>Tatjana Dehler wrote:</p>
<blockquote>
<p>My current idea:</p>
<ol>
<li>How to configure the expiration date (admin perspective)<br />A new setting <em>USER_PWD_EXPIRY_SPAN</em> will be added to <em>settings.py</em>. By default the value will be set to None, which means the user passwords are never going to expire. The admin can configure this setting on command line (as a first step, would be great to integrate it into a configuration page at a later point of time) and set the amount of days to expire the password.</li>
</ol>
</blockquote>
<p>This means that the expiration span will be the same for all users. I'm not sure about the requirements for this feature, but we could easily define a different expiration span for each user by using a "pwdExpirySpan" attribute in the user profile. We could still have a <em>USER_PWD_DEFAULT_EXPIRY_SPAN</em> as a default value, if the admin wants the same for every user.</p>
</blockquote>
<p>I cannot think of a scenario where some users need to change their passwords more frequently than others. I'd postpone this implementation until it's actually required or at least clear, that some customers require such a feature.</p>
<blockquote>
<blockquote>
<ol>
<li>How to check if the password is expired (internal implementation)<br />A new attribute <em>lastPwdUpdate</em> (unix timestamp) will be added to the <em>user</em> class in <em>access_control.py</em>. When a user logs in and the <em>USER_PWD_EXPIRY_SPAN</em> is defined, the current time will be compared with the <em>lastPwdUpdate</em> value. If (<em>current_time</em> - <em>lastPwdUpdate</em>) < <em>USER_PWD_EXPIRY_SPAN</em> nothing happens.</li>
</ol>
</blockquote>
<p>I would use a "pwdExpirationDate" that would be set upon password change, and this allows to do a simpler comparison on login: _current_time < pwdExpirationDate</p>
<blockquote>
<p>If (<em>current_time</em> - <em>lastPwdUpdate</em>) >= <em>USER_PWD_EXPIRY_SPAN</em> the user will be asked to set a new password. After that <em>lastPwdUpdate</em> will be set to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here.</p>
</blockquote>
<p>I think we cannot request the user to change the password when the password expires because of security implications. Imagine the case of an attack that steals a list of active passwords. Then if the user did not change the password before the expiration data, the attacker can do the login in the system with the expired password, and the system will allow the attacker to change the password.</p>
<p>I think the correct approach here is to lock down the account when the password expires. Therefore the user should change the password before the current password expires.<br />If the user does not change the password in time, it must request the Administrator to enable the account with a new password.</p>
<blockquote>
<ol>
<li>How the user gets notified about it<br />When a user tries to log in, he gets notified about the expired password on the login page. He'll be asked to set a new password which will also update the <em>lastPasswordUpdate</em> field to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here as well.</li>
</ol>
<p>Any further ideas/comments?</p>
</blockquote>
<p>I think we should issue a warning upon login a few (configurable) days before the password expires so that the user has the time to change the password.</p>
<p>Also, this feature can only be implemented after <a class="external" href="https://tracker.ceph.com/issues/40248">https://tracker.ceph.com/issues/40248</a> is resolved, otherwise users will not be able to change their passwords.</p>
</blockquote>
<p>I like the rest of the proposal!</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1401002019-07-04T14:08:50ZTatjana Dehler
<ul></ul><p>Ricardo Dias wrote:</p>
<blockquote>
<p>Tatjana Dehler wrote:</p>
<blockquote>
<p>My current idea:</p>
<ol>
<li>How to configure the expiration date (admin perspective)<br />A new setting <em>USER_PWD_EXPIRY_SPAN</em> will be added to <em>settings.py</em>. By default the value will be set to None, which means the user passwords are never going to expire. The admin can configure this setting on command line (as a first step, would be great to integrate it into a configuration page at a later point of time) and set the amount of days to expire the password.</li>
</ol>
</blockquote>
<p>This means that the expiration span will be the same for all users. I'm not sure about the requirements for this feature, but we could easily define a different expiration span for each user by using a "pwdExpirySpan" attribute in the user profile. We could still have a <em>USER_PWD_DEFAULT_EXPIRY_SPAN</em> as a default value, if the admin wants the same for every user.</p>
</blockquote>
<p>Yes, fine with me.</p>
<blockquote>
<blockquote>
<ol>
<li>How to check if the password is expired (internal implementation)<br />A new attribute <em>lastPwdUpdate</em> (unix timestamp) will be added to the <em>user</em> class in <em>access_control.py</em>. When a user logs in and the <em>USER_PWD_EXPIRY_SPAN</em> is defined, the current time will be compared with the <em>lastPwdUpdate</em> value. If (<em>current_time</em> - <em>lastPwdUpdate</em>) < <em>USER_PWD_EXPIRY_SPAN</em> nothing happens.</li>
</ol>
</blockquote>
<p>I would use a "pwdExpirationDate" that would be set upon password change, and this allows to do a simpler comparison on login: _current_time < pwdExpirationDate</p>
</blockquote>
<p>Also fine with me.</p>
<blockquote>
<blockquote>
<p>If (<em>current_time</em> - <em>lastPwdUpdate</em>) >= <em>USER_PWD_EXPIRY_SPAN</em> the user will be asked to set a new password. After that <em>lastPwdUpdate</em> will be set to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here.</p>
</blockquote>
<p>I think we cannot request the user to change the password when the password expires because of security implications. Imagine the case of an attack that steals a list of active passwords. Then if the user did not change the password before the expiration data, the attacker can do the login in the system with the expired password, and the system will allow the attacker to change the password.</p>
<p>I think the correct approach here is to lock down the account when the password expires. Therefore the user should change the password before the current password expires.<br />If the user does not change the password in time, it must request the Administrator to enable the account with a new password.</p>
</blockquote>
<p>Yes, I agree.</p>
<blockquote>
<blockquote>
<ol>
<li>How the user gets notified about it<br />When a user tries to log in, he gets notified about the expired password on the login page. He'll be asked to set a new password which will also update the <em>lastPasswordUpdate</em> field to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here as well.</li>
</ol>
<p>Any further ideas/comments?</p>
</blockquote>
<p>I think we should issue a warning upon login a few (configurable) days before the password expires so that the user has the time to change the password.</p>
</blockquote>
<p>Good idea!</p>
<blockquote>
<p>Also, this feature can only be implemented after <a class="external" href="https://tracker.ceph.com/issues/40248">https://tracker.ceph.com/issues/40248</a> is resolved, otherwise users will not be able to change their passwords.</p>
</blockquote> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1402432019-07-09T15:29:27ZLenz Grimmer
<ul></ul><p>Thank you for this proposal and sorry for chiming in late here. The outcome of the conversation looks good to me (thanks to everyone who contributed), I'd like to point out one thing:</p>
<p>Tatjana Dehler wrote:</p>
<blockquote>
<ol>
<li>How the user gets notified about it<br />When a user tries to log in, he gets notified about the expired password on the login page. He'll be asked to set a new password which will also update the <em>lastPasswordUpdate</em> field to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here as well.</li>
</ol>
</blockquote>
<p>Due to security reasons, the dashboard must not reveal any specific details about why the user could not log in on the login page itself (at least not on the login page, adding a more detailed reason to the mgr log would be fine). An attacker should not get any hint about <strong>why</strong> the login failed, e.g. if the username or password were incorrect, or if the password expired. This would give them a clue on how to further proceed. For example: an error like "wrong password" would reveal to me, that the username was correct. Similarly, "password expired" would also reveal to me that the user account exists (and I could use social engineering to convince the admin to reset the password). As long as the password is still valid, it's of course fine to remind the user that their password is about to expire and should be renewed</p>
<p>Should we make it configurable how many days in advance this warning appears?</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1402822019-07-10T06:27:27ZTatjana Dehler
<ul></ul><p>Lenz Grimmer wrote:</p>
<blockquote>
<p>Thank you for this proposal and sorry for chiming in late here. The outcome of the conversation looks good to me (thanks to everyone who contributed), I'd like to point out one thing:</p>
<p>Tatjana Dehler wrote:</p>
<blockquote>
<ol>
<li>How the user gets notified about it<br />When a user tries to log in, he gets notified about the expired password on the login page. He'll be asked to set a new password which will also update the <em>lastPasswordUpdate</em> field to the current time. It would be great if the implementation of <a class="external" href="https://tracker.ceph.com/issues/24655">https://tracker.ceph.com/issues/24655</a> can used here as well.</li>
</ol>
</blockquote>
<p>Due to security reasons, the dashboard must not reveal any specific details about why the user could not log in on the login page itself (at least not on the login page, adding a more detailed reason to the mgr log would be fine). An attacker should not get any hint about <strong>why</strong> the login failed, e.g. if the username or password were incorrect, or if the password expired. This would give them a clue on how to further proceed. For example: an error like "wrong password" would reveal to me, that the username was correct. Similarly, "password expired" would also reveal to me that the user account exists (and I could use social engineering to convince the admin to reset the password). As long as the password is still valid, it's of course fine to remind the user that their password is about to expire and should be renewed</p>
</blockquote>
<p>Yes, makes sense to me.</p>
<blockquote>
<p>Should we make it configurable how many days in advance this warning appears?</p>
</blockquote>
<p>Yes, that shouldn't be a problem.</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1406042019-07-12T15:50:00ZLenz Grimmer
<ul><li><strong>Tags</strong> set to <i>security</i></li><li><strong>Target version</strong> set to <i>v15.0.0</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1406072019-07-12T15:52:59ZLenz Grimmer
<ul><li><strong>Related to</strong> <i><a class="issue tracker-2 status-5 priority-4 priority-default closed child" href="/issues/40248">Feature #40248</a>: mgr/dashboard: As a user, I want to change my password</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1406192019-07-12T15:55:05ZLenz Grimmer
<ul><li><strong>Related to</strong> <i><a class="issue tracker-2 status-5 priority-4 priority-default closed child" href="/issues/25229">Feature #25229</a>: mgr/dashboard: Provide user enable/disable capability</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1406242019-07-12T15:55:30ZLenz Grimmer
<ul><li><strong>Related to</strong> <i><a class="issue tracker-2 status-5 priority-6 priority-high2 closed child" href="/issues/24655">Feature #24655</a>: mgr/dashboard: Enforce password change upon first login</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1406262019-07-12T15:55:53ZLenz Grimmer
<ul><li><strong>Related to</strong> <i><a class="issue tracker-2 status-5 priority-4 priority-default closed child" href="/issues/25232">Feature #25232</a>: mgr/dashboard: Support minimum password complexity rules </i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1406292019-07-12T15:57:22ZLenz Grimmer
<ul><li><strong>Related to</strong> <i><a class="issue tracker-2 status-3 priority-4 priority-default closed child" href="/issues/39999">Feature #39999</a>: mgr/dashboard: Prevent brute-force/dictionary attacks against existing local user accounts</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1419922019-07-29T13:29:09ZRicardo Marquesrimarques@suse.com
<ul><li><strong>Related to</strong> <i><a class="issue tracker-1 status-1 priority-4 priority-default" href="/issues/40328">Bug #40328</a>: mgr/dashboard: Permanent notifications instead of repeated notifications</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1432282019-08-16T11:16:27ZTatjana Dehler
<ul><li><strong>Assignee</strong> deleted (<del><i>Tatjana Dehler</i></del>)</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1458452019-09-11T13:28:32ZTatjana Dehler
<ul><li><strong>File</strong> <a href="/attachments/download/4415/Screenshot_2019-09-11_15-23-50.png">Screenshot_2019-09-11_15-23-50.png</a> <a class="icon-only icon-magnifier" title="View" href="/attachments/4415/Screenshot_2019-09-11_15-23-50.png">View</a> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1462032019-09-16T07:53:29ZTatjana Dehler
<ul><li><strong>Assignee</strong> set to <i>Tatjana Dehler</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1487612019-10-16T08:57:23ZTatjana Dehler
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>In Progress</i></li><li><strong>Pull request ID</strong> set to <i>30939</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1489282019-10-18T07:42:20ZTatjana Dehler
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/148928/diff?detail_id=151571">diff</a>)</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1500442019-10-30T16:11:02ZTatjana Dehler
<ul></ul><blockquote>
<p>Further questions:</p>
<ul>
<li>admin password expiry: Should it be possible to set an expiry date for the admin password as well? Or only if there is at least another admin account? If it should not be possible to set expiry date prevent the user from doing so.</li>
</ul>
</blockquote>
<p>Passwords of admin accounts should never expire in my opinion.</p>
<blockquote>
<ul>
<li>disabled users password expiry: Should it be possible to set/have an expiry date for disabled users?</li>
</ul>
</blockquote>
<p>It should not be possible to set an expiry date for disabled users in my opinion. While disabling a user account the expiry date field should be cleared if set.</p>
<blockquote>
<ul>
<li>'ac_user_create_cmd' requires timestamp as 'pwd_expiry_date': The function (ac_user_create_cmd) to create a user on the command line requires a timestamp as 'pwd_expiry_date' at the moment. Do we want to keep it or change the behavior here?</li>
</ul>
</blockquote>
<p>?</p>
<blockquote>
<ul>
<li>recalculate password expiry date: issue <a class="external" href="https://tracker.ceph.com/issues/40329">https://tracker.ceph.com/issues/40329</a> introduces a default expiry span (USER_PWD_DEFAULT_EXPIRY_SPAN) for the user passwords and adds a password expiry date field (pwd_expiry_date) to the User class. If the administrator edits the USER_PWD_DEFAULT_EXPIRY_SPAN variable the password expiry dates need to be re-calculated.</li>
</ul>
</blockquote>
<p>?</p>
<blockquote>
<ul>
<li>update password expiry date (which is set manually): If the 'USER_PWD_DEFAULT_EXPIRY_SPAN' is set and the user changes the password, it's easy to update the expiry date to the next date. But what happens if 'USER_PWD_DEFAULT_EXPIRY_SPAN' is not set and the password expiry date was entered manually?</li>
</ul>
</blockquote>
<p>I would assume the password expiry date will be cleared.</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1544542019-12-16T09:50:11ZLenz Grimmer
<ul><li><strong>Status</strong> changed from <i>In Progress</i> to <i>Resolved</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1548342019-12-27T04:26:48ZKefu Chaitchaikov@gmail.com
<ul><li><strong>Related to</strong> <i><a class="issue tracker-1 status-3 priority-4 priority-default closed" href="/issues/43431">Bug #43431</a>: mgr/dashboard: test_create_with_default_expiration_date (tasks.mgr.dashboard.test_user.UserTest)</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1723502020-08-05T14:37:21ZErnesto Puerta
<ul><li><strong>Status</strong> changed from <i>Resolved</i> to <i>Pending Backport</i></li><li><strong>Backport</strong> set to <i>nautilus</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1723512020-08-05T14:38:05ZErnesto Puerta
<ul><li><strong>Copied to</strong> <i><a class="issue tracker-9 status-6 priority-4 priority-default closed" href="/issues/46837">Backport #46837</a>: nautilus: mgr/dashboard: user management improvements (password change, password complexity, ...)</i> added</li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1754802020-09-21T14:50:15ZErnesto Puerta
<ul><li><strong>Status</strong> changed from <i>Pending Backport</i> to <i>Closed</i></li><li><strong>Backport</strong> deleted (<del><i>nautilus</i></del>)</li></ul><p>For clean/safe backport it requires more <a href="https://tracker.ceph.com/issues/46837#note-4" class="external">than 11 additionall PRs</a></p>
<p>Closing.</p> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1767862020-10-06T10:45:41ZErnesto Puerta
<ul><li><strong>Parent task</strong> set to <i>#47765</i></li></ul> Dashboard - Feature #40329: mgr/dashboard: It should be possible to set an expiration date for the user passwordhttps://tracker.ceph.com/issues/40329?journal_id=1919052021-04-15T17:30:19ZErnesto Puerta
<ul><li><strong>Project</strong> changed from <i>mgr</i> to <i>Dashboard</i></li><li><strong>Category</strong> changed from <i>150</i> to <i>Component - Users & Roles</i></li></ul>