OTRS agent Password Policy

newer
assign <OTRS_CUSTOMER_REALNAME>...

older
suppress automatic notification...

Rose Dowson

21 Feb 2017 21 Feb '17

3:34 p.m.

Hi, How do I enforce an agent password policy of say: - length 15 chars - upper/lower case - symbol - change every 90 days - Password History 3 I want to do this for all otrs agents. Does anyone know the solution? Regards,

Attachments:

attachment.html (text/html — 787 bytes)

Show replies by date

Alvaro Cordero

21 Feb 21 Feb

3:42 p.m.

Hello, OTRS provides a way of managing your password policy, under Sysconfig in Framework → Frontend::Agent::Preferences There you can set Min Password Size, Password Regex, etc, not sure if password History or password expiracy. Regards 2017-02-21 9:34 GMT-06:00 Rose Dowson :

...

Hi,

How do I enforce an agent password policy of say:

- length 15 chars - upper/lower case - symbol - change every 90 days - Password History 3

I want to do this for all otrs agents.

Does anyone know the solution?

Regards,

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

-- *Alvaro Cordero RetanaConsultor de Tecnologias* *Tel: 22585757 ext 123* *Email:* alvaro@gridshield.net

Chris Ellam

3:50 p.m.

Hi Rose, the first can be achieved through the standard agent preference group by setting PasswordMinSize to 15, for lower and upercase its the regex in PasswordRegExp '((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\\W]))' note this also include a digit. For change every 90 day and the password history you need an additional package OTRSPasswordPolicy here set PasswordTTL to 90 and PasswordHistory to 3. The are othere things you may want to do like setting the days to warn before expiry PasswordWarnBeforeExpiry and exceptions to to TTL and history. The same can be done for customers too, in their preferences. cu, Chris From: "Rose Dowson" To: otrs@lists.otrs.org Sent: Tuesday, February 21, 2017 4:34:00 PM Subject: [otrs] OTRS agent Password Policy Hi, How do I enforce an agent password policy of say: - length 15 chars - upper/lower case - symbol - change every 90 days - Password History 3 I want to do this for all otrs agents. Does anyone know the solution? Regards, --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

Rose Dowson

4:14 p.m.

Hi, Thank you for the answer, I added the OTRS Password Policy could you see the settings in the attached file. I haven't these two options the password history and Password Max Valid Time In Days. So, I want to add them but I couldn't. Miss some thing ? Best regards. 2017-02-21 16:50 GMT+01:00 Chris Ellam :

...

Hi Rose,

the first can be achieved through the standard agent preference group by setting PasswordMinSize to 15, for lower and upercase its the regex in PasswordRegExp '((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\\W]))' note this also include a digit.

For change every 90 day and the password history you need an additional package OTRSPasswordPolicy here set PasswordTTL to 90 and PasswordHistory to 3.

The are othere things you may want to do like setting the days to warn before expiry PasswordWarnBeforeExpiry and exceptions to to TTL and history.

The same can be done for customers too, in their preferences.

cu,

Chris ------------------------------ *From: *"Rose Dowson" *To: *otrs@lists.otrs.org *Sent: *Tuesday, February 21, 2017 4:34:00 PM *Subject: *[otrs] OTRS agent Password Policy

Hi,

How do I enforce an agent password policy of say:

- length 15 chars - upper/lower case - symbol - change every 90 days - Password History 3

I want to do this for all otrs agents.

Does anyone know the solution?

Regards,

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

Chris Ellam

22 Feb 22 Feb

11:50 a.m.

Hi Rose, I guess you could edit ZZZAuto.pm, find $Self->{'PreferencesGroups'}->{'Password'} = { and then add after PasswordRegExp the following 'PasswordTTL' => '90', 'PasswordHistory' => '3', 'PasswordWarnBeforeExpiry' => '5', Then delete the cache ~otrs/bin/otrs.Console.pl Maint::Cache::Delete You should now have all your entries for the password settings. The exception list is in Sysconfig OTRSPasswordPolicy in the Subgroup Exceptions. have fun, Chris From: "Rose Dowson" To: "User questions and discussions about, OTRS." Sent: Tuesday, February 21, 2017 5:14:07 PM Subject: Re: [otrs] OTRS agent Password Policy Hi, Thank you for the answer, I added the OTRS Password Policy could you see the settings in the attached file. I haven't these two options the password history and Password Max Valid Time In Days. So, I want to add them but I couldn't. Miss some thing ? Best regards. 2017-02-21 16:50 GMT+01:00 Chris Ellam < [ mailto:chris.ellam@otrs.com | chris.ellam@otrs.com ] > : Hi Rose, the first can be achieved through the standard agent preference group by setting PasswordMinSize to 15, for lower and upercase its the regex in PasswordRegExp '((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\\W]))' note this also include a digit. For change every 90 day and the password history you need an additional package OTRSPasswordPolicy here set PasswordTTL to 90 and PasswordHistory to 3. The are othere things you may want to do like setting the days to warn before expiry PasswordWarnBeforeExpiry and exceptions to to TTL and history. The same can be done for customers too, in their preferences. cu, Chris From: "Rose Dowson" < [ mailto:rose20.dowson@gmail.com | rose20.dowson@gmail.com ] > To: [ mailto:otrs@lists.otrs.org | otrs@lists.otrs.org ] Sent: Tuesday, February 21, 2017 4:34:00 PM Subject: [otrs] OTRS agent Password Policy Hi, How do I enforce an agent password policy of say: - length 15 chars - upper/lower case - symbol - change every 90 days - Password History 3 I want to do this for all otrs agents. Does anyone know the solution? Regards, --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: [ http://otrs.org/ | http://otrs.org/ ] Archive: [ http://lists.otrs.org/pipermail/otrs | http://lists.otrs.org/pipermail/otrs ] To unsubscribe: [ http://lists.otrs.org/mailman/listinfo/otrs | http://lists.otrs.org/mailman/listinfo/otrs ] --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: [ http://otrs.org/ | http://otrs.org/ ] Archive: [ http://lists.otrs.org/pipermail/otrs | http://lists.otrs.org/pipermail/otrs ] To unsubscribe: [ http://lists.otrs.org/mailman/listinfo/otrs | http://lists.otrs.org/mailman/listinfo/otrs ] --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

Rose Dowson

27 Feb 27 Feb

9:31 a.m.

Hi, Thank you very much. Just one more question please : I set the 'PasswordTTL' => '1' to check if it works correctly but I haven't any result when I set my agent password I could log in normally. So, it seems I missed something. Could you tell me please how could I check this ? Best Regards. 2017-02-22 12:50 GMT+01:00 Chris Ellam :

...

Hi Rose,

I guess you could edit ZZZAuto.pm, find $Self->{'PreferencesGroups'}->{'Password'} = { and then add after PasswordRegExp the following 'PasswordTTL' => '90', 'PasswordHistory' => '3', 'PasswordWarnBeforeExpiry' => '5',

Then delete the cache ~otrs/bin/otrs.Console.pl Maint::Cache::Delete

You should now have all your entries for the password settings. The exception list is in Sysconfig OTRSPasswordPolicy in the Subgroup Exceptions.

have fun,

Chris

------------------------------ *From: *"Rose Dowson" *To: *"User questions and discussions about, OTRS." *Sent: *Tuesday, February 21, 2017 5:14:07 PM *Subject: *Re: [otrs] OTRS agent Password Policy

Hi,

Thank you for the answer, I added the OTRS Password Policy could you see the settings in the attached file. I haven't these two options the password history and Password Max Valid Time In Days. So, I want to add them but I couldn't.

Miss some thing ?

Best regards.

2017-02-21 16:50 GMT+01:00 Chris Ellam :

...
Hi Rose,

the first can be achieved through the standard agent preference group by setting PasswordMinSize to 15, for lower and upercase its the regex in PasswordRegExp '((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\\W]))' note this also include a digit.

For change every 90 day and the password history you need an additional package OTRSPasswordPolicy here set PasswordTTL to 90 and PasswordHistory to 3.

The are othere things you may want to do like setting the days to warn before expiry PasswordWarnBeforeExpiry and exceptions to to TTL and history.

The same can be done for customers too, in their preferences.

cu,

Chris ------------------------------ *From: *"Rose Dowson" *To: *otrs@lists.otrs.org *Sent: *Tuesday, February 21, 2017 4:34:00 PM *Subject: *[otrs] OTRS agent Password Policy

Hi,

How do I enforce an agent password policy of say:

- length 15 chars - upper/lower case - symbol - change every 90 days - Password History 3

I want to do this for all otrs agents.

Does anyone know the solution?

Regards,

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs

3063

Age (days ago)

3069

Last active (days ago)

List overview

Download

5 comments

3 participants

participants (3)

Alvaro Cordero
Chris Ellam
Rose Dowson