Skip to content

Papac85/redmine_account_policy

 
 

Repository files navigation

Redmine Account Policy

Password Expiry and other enhancements

Password Complexity

Ensures that multiple character classes are included in the password. Setting to 0 disables this feature.

Password Expiry

There are two settings.

  1. Automatically expires password after the specified number of days. Setting to 0 disables this feature. Maximum of 999 days.

  2. Warning emails are sent when the last time the password was changed is within a threshold of expiry Setting to 0 disables this feature. Maximum of 999 days. Emails are sent on the first day entering the threshold, then every 7 days until one day before expiration, on which a final warning email is sent.

Password Reuse

There are two settings.

  1. Restrict reusing the last X passwords. This cannot be set lower than 1 (Redmine default). Maximum of 30.

  2. Restrict quickly changing passwords to avoid working around the reuse restriction. Setting to 0 disables this feature. Maximum of 999 days.

Invalid Login Attempts

Locks the user account for X minutes after Y unsuccessful login attempts. Setting X to 0 disables this feature. Maximum X is 999 minutes. Maximum Y is 99 attempts.

There is also the option to send the user an email for each failed login. The user and all admins are always emailed if the account is locked.

Unused/Dormant Accounts

Automatically locks registered and active accounts that were not used for the specified number of days. Setting to 0 disables this feature. Maximum of 99 days.

Technical stuff

As Redmine doesn't have a cron functionality, the tasks are run on the first user login of the day.

About

Password Expiry and other enhancements

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Ruby 93.1%
  • HTML 6.9%