There is not currently a way to set password complexity requirements, correct?
j
Jason
01/09/2023, 12:03 AM
Devils advocate question. If someone has the organizational need for password complexity requirements, shouldn’t they be using an IDP and SAML auth instead ?
d
defensivedepth
01/09/2023, 1:04 AM
For clarity, this PR allows customization of currently hardcoded password complexity requirements.
Also, if implementing FleetDM primarily as a security tool, I would not connect it to the org's centralized auth system.
j
Jason
01/09/2023, 1:11 AM
That’s an interesting take I’ve never heard before but ok.
Oh, well thats a little different but I may agree with that. I personally don't believe that straight AD or LDAP actually qualify as a proper IDP or get anywhere past NIST AAL level1