Results 1 to 9 of 9

Thread: Passwords (AGAIN)

  1. #1
    cyber7 is offline Special Member
    Join Date
    May 2010
    Location
    Cape Town; South Africa
    Posts
    102
    Rep Power
    5

    Question Passwords (AGAIN)

    Hi Guys
    is there a way to stop users from using the same password, just with a small alteration? I have users who use:
    Password12
    Password13
    Password14
    ...

    How do I stop the use (for example "assword") of certain elements within the password? Is there a way that I can build a "custom dictionary" of restricted words, phrases or key combinations?

    I would have thought Zimbra would have a "Restrict" option with a file list for 'forced' unused words...

    Thank you
    Aubrey Kloppers (aka cyber7)
    Cape Town
    Code:
    Never trust a fart...
    Release 8.0.0_GA_5434.RHEL6_64_20120907144743 CentOS6_64 NETWORK edition.

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Enforce 'secure' passwords via a password policy (see the Admin Guide) in the Admin UI
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    cyber7 is offline Special Member
    Join Date
    May 2010
    Location
    Cape Town; South Africa
    Posts
    102
    Rep Power
    5

    Default

    Thank you, Bill
    I will imediately look into that.

    Kind regards
    Aubrey
    Code:
    Never trust a fart...
    Release 8.0.0_GA_5434.RHEL6_64_20120907144743 CentOS6_64 NETWORK edition.

  4. #4
    cyber7 is offline Special Member
    Join Date
    May 2010
    Location
    Cape Town; South Africa
    Posts
    102
    Rep Power
    5

    Default

    Hi Bill
    Please could you give me a pointer? I can not see a "secure"password option via the password UI...

    Thank you
    cyber7
    Code:
    Never trust a fart...
    Release 8.0.0_GA_5434.RHEL6_64_20120907144743 CentOS6_64 NETWORK edition.

  5. #5
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    It's in the COS Advanced settings or P97 (I think) of the NE Administrators Guide.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  6. #6
    cyber7 is offline Special Member
    Join Date
    May 2010
    Location
    Cape Town; South Africa
    Posts
    102
    Rep Power
    5

    Default

    Hi Bill
    Thank you again for your quick respond. What I have is the following:
    policy.jpg

    As you can see, there is nothing regarding "secure" passwords... Am I missing something?

    Kind regards
    Aubrey
    Code:
    Never trust a fart...
    Release 8.0.0_GA_5434.RHEL6_64_20120907144743 CentOS6_64 NETWORK edition.

  7. #7
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Quote Originally Posted by cyber7 View Post
    As you can see, there is nothing regarding "secure" passwords... Am I missing something?
    No, you're not missing anything. The word 'secure' was in single quotes to indicate that passwords using those rules would be more secure than allowing users to choose their own passwords (which, as you've indicated, a poor choices and less secure). They would perhaps be better described as 'strong' password but nevertheless you need to implement a system that enforces some rules that restrict what the user can enter for a password.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    cyber7 is offline Special Member
    Join Date
    May 2010
    Location
    Cape Town; South Africa
    Posts
    102
    Rep Power
    5

    Default

    Hi Bill,
    Ok, without sounding stupid, how do I enforce a rule in Zimbra that restrict what a user can enter for a password? Is this not what I asked (in a different way) initially? I am trying to force users (or restrict users) from using certain words/key-phrases...

    Kind regards
    Aubrey
    Code:
    Never trust a fart...
    Release 8.0.0_GA_5434.RHEL6_64_20120907144743 CentOS6_64 NETWORK edition.

  9. #9
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Set a password so that it must contain some combination of those setting such as numbers/letters/punctuation/special characters etc. and set a history of 'n' so they can't repeat the password too often (i.e.e 10 or 20) and a maximum password age and minimum length - some of those will limit what they can set as a password. There are also plenty of internet articles that can give you further ideas of what would be good rules to use.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. passwords
    By ramlang in forum Administrators
    Replies: 0
    Last Post: 02-07-2013, 02:12 AM
  2. zmztozmig - Passwords?
    By dhayes in forum Migration
    Replies: 1
    Last Post: 08-09-2012, 10:51 PM
  3. Passwords
    By LowWalker in forum Administrators
    Replies: 9
    Last Post: 05-20-2009, 05:36 AM
  4. $ not allowed in passwords...
    By vdjan in forum Installation
    Replies: 6
    Last Post: 03-27-2007, 02:24 PM
  5. Passwords
    By unilogic in forum Developers
    Replies: 4
    Last Post: 04-19-2006, 04:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •