Security Guide - External auth methods refactoring
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openstack-manuals |
Fix Released
|
Low
|
N Dillon |
Bug Description
I think the last half of this could benefit from rewriting with more detail given on what external auth is. Additionally, it's not clear if external auth provides pw policy enforcement (which internal auth could do as well). There is finally a good explanation of MFA, but not how it relates to external auth, and then consistency is not maintained when Kerb is mentioned, but not expanded on in relation to external auth.
The section I believe can be touched up is:
"External authentication services can provide alternative forms of authentication that minimize the risk from weak passwords.
These include:
Password policy enforcement: Requires user passwords to conform to minimum standards for length, diversity of characters, expiration, or failed login attempts.
Multi-factor authentication: The authentication service requires the user to provide information based on something they have, such as a one-time password token or X.509 certificate, and something they know, such as a password.
Kerberos"
-------
Built: 2015-01-09T08:06:57 00:00
git SHA: 6adcc8b79c64aac
URL: http://
Changed in openstack-manuals: | |
assignee: | nobody → Shellee Arnold (shellee-arnold) |
Changed in openstack-manuals: | |
status: | New → Confirmed |
importance: | Undecided → Low |
tags: | added: sec-guide |
Changed in openstack-manuals: | |
assignee: | Shellee Aragon (shellee-aragon) → Bathri Ajay Raj (bathri-s) |
status: | Confirmed → In Progress |
Changed in openstack-manuals: | |
assignee: | Bathri Ajay Raj (bathri-s) → nobody |
Changed in openstack-manuals: | |
assignee: | nobody → N Dillon (sicarie) |
Hi Shellee, are you still interested in working on this one?