Define a password policy for Auth::DBI
Summary
For some reason, we would like to have a better password policy for Auth::UserDB function like we can have in LDAP :
- Regexp (we can easily do it on front, but on back, we need specific development)
- Automatic password expiration
- Block the account if too many attempt. Reset password unblock the account (or delay to retry ?)
Design proposition
New configuration for the regexp, the validity of the password and the number of attempt allowed New column in DB (so configuration) for expiration date and the number of attempt before resetting password