Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Increase the password length from 8 characters to 15 characters or more [CORE1898] #2330

Closed
firebird-automations opened this issue May 13, 2008 · 8 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: Bruno Marx (bmx)

Replaces CORE3342
Is duplicated by CORE3933
Is related to QA630

Votes: 5

It would be very desirable to increase the password scheme to support more than 8 characters. Our customer requires us to support a certain number of the Database STIG requirements developed by DISA for the US DoD, including DG0079:

"(DG0079: CAT II) The DBA will ensure database password complexity standards meet current minimum requirements for length (9 characters or more for database application user accounts and 15 characters or more for privileged database accounts) and composition (at least two uppercase characters, two lowercase characters, two special characters, two digits ) where supported by the DBMS".

From DG0079, the SYSDBA password should be at least 15 characters, and other regular user/application passwords at least 9 characters.

Using Firebird 2.1 on Windows platforms, we can always use Windows Authentication to workaround that limitation, although the SYSDBA password length is still an issue.

Thanks.

Commits: 7fb8ebd

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0.0 [ 10048 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @dyemanov

Link: This issue replaces CORE3342 [ CORE3342 ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

Except longer default passwords in FB3 are also secure: they are not passed over the wire in any way

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 3.0 Alpha 1 [ 10331 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: Sean Leyne (seanleyne)

Link: This issue is duplicated by CORE3933 [ CORE3933 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

Link: This issue is related to QA630 [ QA630 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

QA Status: No test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants