Storage Boards Cleanup
To make it easier to find information about HPE Storage products and solutions, we are doing spring cleaning. This includes consolidation of some older boards, and a simpler structure that more accurately reflects how people use HPE Storage.
HPE StoreVirtual Storage / LeftHand
cancel
Showing results for 
Search instead for 
Did you mean: 

Feature Request - External AD Authentication Complex Passwords

BG76
Occasional Collector

Feature Request - External AD Authentication Complex Passwords

Hello,

I have a VSA 12.6 implementation that I just integrated into our AD. However, I noticed when I logged in using my AD credentials, which has a period in the password, I get an error message stating that passwords with a "." are not permitted.

I opened a ticket, and support advised that no passwords, even externally authenticated AD passwords, can have special characters, like a period, in them.

We try to use complex passwords, which may contain some of these characters that are not permitted, in our AD environment. I don't know if this is the correct place for feature requests, but I would like to request that AD integrated logins not be bound by those password restrictions in order to maintain password complexity.

Thanks

1 REPLY
Stor_Mort
HPE Pro

Re: Feature Request - External AD Authentication Complex Passwords

Hi BG76,

Thanks for your comment and request. The special character restrictions for passwords are the union of LeftHand OS (Linux) and Microsoft AD password constraints. We have asked the devs for a simpler, less restrictive policy, but they declined. It was pointed out that a longer random password with a slightly limited symbol set is equivalent to a shorter more complex password. Requiring a longer password, even with a smaller symbol set, is effective protection against password cracking attacks.

And password attacks are just one way of gaining access. You also need to protect against social engineering and many other vectors which are arguably more effective (and faster) than password cracking, which may be one of the less important vulnerabilities today. But it takes time for policy to catch up with reality.

I am an HPE employee - HPE StoreVirtual Support