Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve security measures #48

Open
linusgke opened this issue Nov 26, 2023 · 2 comments
Open

Improve security measures #48

linusgke opened this issue Nov 26, 2023 · 2 comments
Labels
Prio B high priority

Comments

@linusgke
Copy link
Member

  • Add password policy for strong passwords
  • Lock users accounts if certain amount of unsuccessful login attempts is surpassed
@lchristmann
Copy link
Member

Password Policy Suggestion:
We could implement the recommendations of the BSI for creating secure passwords.

Under "Length and complexity: Two crucial characteristics" they suggest:

Character types refers in the following to: BigLetter, SmallLetter, Number, SpecialSymbol

  • either a long password (20+ chars) having two types of characters
  • or a short password (8+ chars) having all 4 types of characters

So you must have either short & complex or long & less complex or both. People could choose.

@lchristmann
Copy link
Member

lchristmann commented Nov 26, 2023

How about a maximum login attempts of 12?

@lchristmann lchristmann added the Prio B high priority label Dec 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Prio B high priority
Projects
None yet
Development

No branches or pull requests

2 participants