From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 78A231FF15E for ; Fri, 4 Oct 2024 15:40:49 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id DCE4FF963; Fri, 4 Oct 2024 15:41:09 +0200 (CEST) From: Shannon Sterz To: pbs-devel@lists.proxmox.com Date: Fri, 4 Oct 2024 15:40:51 +0200 Message-Id: <20241004134054.263913-1-s.sterz@proxmox.com> X-Mailer: git-send-email 2.39.5 MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.046 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pbs-devel] [PATCH proxmox-backup 0/3] implement a minimum length of 8 characters for new passwords X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" this patch series aims to implement a minimum length of 8 characters for new passwords. this is more in line with NIST's current recommendations [1]. the first patch in this series also ignores the `password` parameter in the update user endpoint, as it is currently redundant. see the commit for more info. [1]: https://pages.nist.gov/800-63-4/sp800-63b.html#passwordver Shannon Sterz (3): api: ignore password parameter in the update_user endpoint api: enforce minimum character limit of 8 on new passwords ui: set min length for new passwords to 8 pbs-api-types/src/lib.rs | 2 +- src/api2/access/mod.rs | 4 ++-- src/api2/access/user.rs | 32 +++++++++++--------------------- www/config/UserView.js | 1 + www/window/UserEdit.js | 2 +- 5 files changed, 16 insertions(+), 25 deletions(-) -- 2.39.5 _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel