Enable admin password complexity verification
Bug #1461431 reported by
Zhenyu Zheng
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Expired
|
Wishlist
|
Unassigned | ||
OpenStack Security Advisory |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
When performing actions such as create instances, evacuate instances, rebuild instances, rescue instances and update instances' admin password. The complexity of user provided admin password has not been verified. This can cause security problems.
One solution will be adding a configuration option: using_complex_
information type: | Private Security → Public Security |
information type: | Public Security → Private Security |
Changed in nova: | |
importance: | Undecided → Wishlist |
status: | New → Incomplete |
To post a comment you must log in.
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.