[Freeipa-devel] [freeipa PR#317][comment] Unify password generation across FreeIPA
tiran
freeipa-github-notification at redhat.com
Fri Dec 9 10:20:39 UTC 2016
URL: https://github.com/freeipa/freeipa/pull/317
Title: #317: Unify password generation across FreeIPA
tiran commented:
"""
@mbasti-rh ```uppercase + lowercase + num + special``` should be limited to a sensible value. A large value invalidates the formula that calculates the length of the token. As far as I remember my math, formula assumes a uniform distribution of distinct values. Additional restrictions reduce the sample space of the result. I'm not clever enough to come up with an algorithm to calculate the length with additional restrictions. My gut feeling tells me that less than 15% per character class (3 for upper/lower case and symbols, 1 for digit) should be ok.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/317#issuecomment-265980552
More information about the Freeipa-devel
mailing list