I would like that user should be forced to keep a strong password for login. These are my finding or loose points in JIRA 5.1 for password.
Any Suggestion that we can have these things in place.
You need to replace the code in Jira that handles passwords, in order to add functions 1, 2, and 4. Function 3 is slightly different as it's a time-based thing, but it needs coding in a slightly different place. I don't understand what the problem with 5 is - "default" passwords are a bad thing in security terms and a random or admin-defined one should always be set.
Your second option is to use external account maintenance, connecting Jira to a system that will do these things for you. This is a better option than coding in the core of Jira in my opinion.
There are other options as well (e.g. use ssl certificates and bypass passwords completely - far more secure in many ways), but they all need coding.
However, you are using OnDemand, which means you can't implement anything different. You'll need to move to your own installation to implement anything better.
I have a hosted installation of Jira and have the same issue. How can i change the code like you mentioned on the first paragraph to allow minimun numbers of charaters on the users password?
I just want to make all passwords minimum 8 characters and using at least one number.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG