Changes

From SME Server
Jump to navigationJump to search
Modified layout and content
Line 316: Line 316:  
*How can I change password strength & what do the strength settings mean?
 
*How can I change password strength & what do the strength settings mean?
    +
{{Warning box|It is strongly advised not advised not to set the password strength setting to ''none'' as this will lower the security of your server significantly.}}
   −
You are strongly advised not to use weak passwords on your sme server as this only reduces security.
+
{{Note box|PAM authentication requires passwords to be at least 7 characters long, so setting a password that is shorter than that may cause other problems later.}}
   −
Note also that pam authentication requires that passwords be at least 7 characters long, so setting a password that is shorter than that may cause other problems later.
+
The following settings are available to specify the password strength on SME Server:
   −
 
+
{|
The available setting choices are:
+
! setting
 
+
! explanation
strong = The password is passed through Cracklib for dictionary type word checking as well as requiring upper case, lower case, number, non alpha & 7 characters.
+
|-
 
+
| ''strong''
normal = The password requires upper case, lower case, number, non alpha & 7 characters.
+
| The password is passed through Cracklib for dictionary type word checking as well as requiring upper case, lower case, number, non alpha and a mimimum length of 7 characters.
 
+
|-
none = The password can be anything as no checking is done.
+
| ''normal''
 +
| The password requires upper case, lower case, number, non alpha and a minimum length of 7 characters.
 +
|-
 +
| ''none''
 +
| The password can be anything as no checking is done.
 
Please note that "none" does not mean no password, it just means no password strength checking, so you can enter any (weak) password you want.
 
Please note that "none" does not mean no password, it just means no password strength checking, so you can enter any (weak) password you want.
 
+
|}
    
To set password strength do:
 
To set password strength do:
Line 336: Line 341:  
  config setprop passwordstrength Users strengthvalue
 
  config setprop passwordstrength Users strengthvalue
 
  config setprop passwordstrength Ibays strengthvalue
 
  config setprop passwordstrength Ibays strengthvalue
where strengthvalue = strong  or  normal  or  none
+
where strengthvalue is one of the entries listed in the table above.
 
     −
eg Although strongly discouraged, to disable password strength checking for Users do:
+
e.g.
  config setprop passwordstrength Users none
+
  config setprop passwordstrength Users normal
    
To review the current settings do:
 
To review the current settings do:
Line 347: Line 351:  
which should display something like:
 
which should display something like:
   −
passwordstrength=configuration
+
passwordstrength=configuration
 
+
  Admin=strong
Admin=strong
+
  Ibays=strong
 
+
  Users=strong
Ibays=strong
  −
 
  −
Users=strong
  −
 
      
References:
 
References:
https://sourceforge.net/tracker/?func=detail&atid=615772&&aid=1228269&group_id=96750
+
<ol></li><li>[https://sourceforge.net/tracker/?func=detail&atid=615772&&aid=1228269&group_id=96750 Old Bugtracker on SF.net: Sme7a22 - user passwords]
http://bugs.contribs.org/show_bug.cgi?id=161
+
</li><li>[[Bugzilla:161]]</li></ol>
    
===Hard Drives, RAID's, USB Hard Drives===
 
===Hard Drives, RAID's, USB Hard Drives===

Navigation menu