1

Topic: Security, password policy

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.4
- Linux/BSD distribution name and version: deb 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? yes
- Related log if you're reporting an issue:
====

User password creation with different interfaces (iredadmin, sogo, roundcube)
Should be same policy for all interfaces.


iRedAdmin-PRO -----------------------------------------
-------------------------------------------------------

Password must contain
at least one letter
at least one uppercase letter
at least one digit number
at least one special character: #$%&'"*+-,.:;!<=>?@[]/\(){}^_`~


ROUNDCUBE ---------------------------------------------
-------------------------------------------------------

Password must be at least 8 characters long.
Password must include at least one number and one symbol.


Sogo  -------------------------------------------------
-------------------------------------------------------

NO password restrictions. One can choose week password even without entering your current password.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Security, password policy

I understand your concern. But, well, Roundcube, iRedAdmin-Pro, SOGo are developed by 3 separated teams, so ...

3

Re: Security, password policy

ZhangHuangbin wrote:

I understand your concern. But, well, Roundcube, iRedAdmin-Pro, SOGo are developed by 3 separated teams, so ...

I understand. Thank you for your support!