Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
d
defensivedepth
01/06/2023, 9:36 PMThere is not currently a way to set password complexity requirements, correct?
j
Jason
01/09/2023, 12:03 AMDevils advocate question. If someone has the organizational need for password complexity requirements, shouldn’t they be using an IDP and SAML auth instead ?
d
defensivedepth
01/09/2023, 1:04 AMFor clarity, this PR allows customization of currently hardcoded password complexity requirements.
Also, if implementing FleetDM primarily as a security tool, I would not connect it to the org's centralized auth system.
j
Jason
01/09/2023, 1:11 AMThat’s an interesting take I’ve never heard before but ok.
d
defensivedepth
01/09/2023, 1:17 AMCertainly not universally accepted in the industry, but it is a widespread recommendation - for instance: https://docs.securityonion.net/en/2.3/faq.html?can-i-connect-security-onion-to-active-directory-or-ldap#can-i-connect-securi[…]ive-directory-or-ldap
j
Jason
01/09/2023, 1:23 AMOh, well thats a little different but I may agree with that. I personally don't believe that straight AD or LDAP actually qualify as a proper IDP or get anywhere past NIST AAL level1