Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-11496

Advanced password management

XMLWordPrintable

    • 46
    • 23
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Modern companies require advanced password management. This includes:

      • Password aging: Automatically invalidating a password after a certain period of time,
      • Password strength check: Making sure that the passwords that are used are strong
        (an example can be found here: http://passwordstrength.net/)

      Two features that are getting more common every day.

          Form Name

            [CONFSERVER-11496] Advanced password management

            Michael Andreacchio added a comment - - edited

            Dear Customers,

             

            Thanks for your patience and interest in this suggestion.

            I'm pleased to let you know that we have shipped the ability to manage password strength in Confluence Data Center 9.1 (release notes). For customers interested in password expiry and rotation please follow this ticket CONFSERVER-98153.

            For full details on password strength management please take a look at our in-depth documentation.

            Kind regards,

             

            Michael Andreacchio

            Confluence Data Center

            Michael Andreacchio added a comment - - edited Dear Customers,   Thanks for your patience and interest in this suggestion. I'm pleased to let you know that we have shipped the ability to manage password strength in Confluence Data Center 9.1 ( release notes ). For customers interested in password expiry and rotation please follow this ticket CONFSERVER-98153 . For full details on password strength management please take a look at our in-depth documentation. Kind regards,   Michael Andreacchio Confluence Data Center

            Karsten Hain added a comment -

            Please implement this!

            Karsten Hain added a comment - Please implement this!

            Erik Liu added a comment -

            Agree with @AB Kagithala!!! We need this feature.

            Erik Liu added a comment - Agree with @AB Kagithala!!! We need this feature.

            Manuel Bähnisch added a comment -

            +1

            Manuel Bähnisch added a comment - +1

            Dana M. Jansen added a comment -

            This is done in Jira - why can't this also be done in Confluence?

            Dana M. Jansen added a comment - This is done in Jira - why can't this also be done in Confluence?

            Nidhi added a comment -

            can we get an eta for this, please ?

            Nidhi added a comment - can we get an eta for this, please ?

            Bogdan Khralovich added a comment -

            +1

            Bogdan Khralovich added a comment - +1

            Steve Bates added a comment -

            +1 from me too.

            I've just picked myself off the floor - twice.

            First time when I found this thread that you cant set password policy in Confluence. (I'd been trying to do this earlier today.)

            2nd time when I found that confluence and Jira both are linked - users can set themselves trivial passwords in Confluence and use the same password in Jira - bypassing the password controls in Jira.  Jira does not validate password controls on login - only on change password, so the weaker passwords set in Confluence then are then in use on Jira.

            Steve Bates added a comment - +1 from me too. I've just picked myself off the floor - twice. First time when I found this thread that you cant set password policy in Confluence. (I'd been trying to do this earlier today.) 2nd time when I found that confluence and Jira both are linked - users can set themselves trivial passwords in Confluence and use the same password in Jira - bypassing the password controls in Jira.  Jira does not validate password controls on login - only on change password, so the weaker passwords set in Confluence then are then in use on Jira.

            ABoerio added a comment -

            Agree with above other comments.

            It's quite easy to setup password policy in Jira, I can't understand why the same approach is not already adopted in Confluence.

             

            ABoerio added a comment - Agree with above other comments. It's quite easy to setup password policy in Jira, I can't understand why the same approach is not already adopted in Confluence.  

            Rick Carini added a comment -

            Internal Security Policies require this.
            (sigh)

            Rick Carini added a comment - Internal Security Policies require this. (sigh)

              Unassigned Unassigned
              fb239a42de73 Erik Erik
              Votes:
              210 Vote for this issue
              Watchers:
              149 Start watching this issue

                Created:
                Updated:
                Resolved: