Actions
Documentation #42165
openFeature #47765: mgr/dashboard: security improvements
mgr/dashboard: Document new password requirements in the installation documentation
% Done:
0%
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:
Description
Starting with Ceph Octopus, the Dashboard supports enforcing some minimum password complexity rules. These limitations should be documented, so users are aware when creating new user accounts. In particular, it should be noted that a password:
- Must contain at least 8 characters
- Cannot contain username
- Cannot contain any keyword used in Ceph, e.g. "osd", "host", "dashboard", "pool", "block", "nfs", "ceph", "monitors", "gateway", "logs", "crush", "maps"
- Cannot contain any repetitive characters e.g. "aaa"
- Cannot contain any sequencial characters e.g. "abc"
- Must consist of characters from the following groups:
- alphabetic a-z, A-Z
- numbers 0-9
- special chars: !"#$%& \'()*+,-./:;<=>?@[]^_`|~
- any other characters (signs)
Actions