There is not currently a way to set password compl...
# fleetd
defensivedepth
01/06/2023, 9:36 PMThere is not currently a way to set password complexity requirements, correct?
j
Jason
01/09/2023, 12:03 AMDevils advocate question. If someone has the organizational need for password complexity requirements, shouldn’t they be using an IDP and SAML auth instead ?
d
defensivedepth
01/09/2023, 1:04 AMFor clarity, this PR allows customization of currently hardcoded password complexity requirements.
defensivedepth
01/09/2023, 1:06 AMAlso, if implementing FleetDM primarily as a security tool, I would not connect it to the org's centralized auth system.
j
Jason
01/09/2023, 1:11 AMThat’s an interesting take I’ve never heard before but ok.
d
defensivedepth
01/09/2023, 1:17 AMCertainly not universally accepted in the industry, but it is a widespread recommendation - for instance: https://docs.securityonion.net/en/2.3/faq.html?can-i-connect-security-onion-to-active-directory-or-ldap#can-i-connect-securi[…]ive-directory-or-ldap
j
Jason
01/09/2023, 1:23 AMOh, well thats a little different but I may agree with that. I personally don't believe that straight AD or LDAP actually qualify as a proper IDP or get anywhere past NIST AAL level1
2 Views