diff --git a/CHANGELOG.md b/CHANGELOG.md index c6da0310..e30afc5c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,8 @@ FEATURE: New limits implementation based on the new metrics infrastructure (http FEATURE: The invite mechanism has been reworked to improve user experience. The configuration has been moved to the `admin` stanza of the controller configuration and now includes a boolean flag indicating whether or not the instance allows new invitations to be created, and also includes contact details for requesting a new invite. These values are used by the `zrok invite` command to provide a smoother end-user invite experience https://github.com/openziti/zrok/issues/229) +FEATURE: New password strength checking rules and configuration. See the example configuration file (`etc/ctrl.yml`) for details about how to configure the strength checking rules (https://github.com/openziti/zrok/issues/167) + CHANGE: The controller configuration version bumps from `v: 2` to `v: 3` to support all of the new `v0.4` functionality. See the [example ctrl.yml](etc/ctrl.yml) for details on the new configuration. CHANGE: The underlying database store now utilizes a `deleted` flag on all tables to implement "soft deletes". This was necessary for the new metrics infrastructure, where we need to account for metrics data that arrived after the lifetime of a share or environment; and also we're going to need this for limits, where we need to see historical information about activity in the past (https://github.com/openziti/zrok/issues/262) diff --git a/etc/ctrl.yml b/etc/ctrl.yml index 2e8792c0..6c8f5e62 100644 --- a/etc/ctrl.yml +++ b/etc/ctrl.yml @@ -140,21 +140,21 @@ metrics: org: zrok token: "" +# Configure password requirements for user accounts. +# +#passwords: +# length: 8 +# require_capital: true +# require_numeric: true +# require_special: true +# # Denote which characters satisfy the `require_special` requirement. Note the need to escape specific characters. +# valid_special_characters: "\"\\`'~!@#$%^&*()[],./" + # Configure the generated URL for the registration email. The registration token will be appended to this URL. # registration: registration_url_template: https://zrok.server.com/register -# Configure password requirements for user accounts. -# -password_requirements: - length: 8 - require_capital: true - require_numeric: true - require_special: true - # Denote which characters satisfy the `require_special` requirement. Note the need to escape specific characters. - valid_special_characters: "\"\\`'~!@#$%^&*()[],./" - # Configure the generated URL for password resets. The reset token will be appended to this URL. # reset_password: