#2208: ldap account name security
---------------------------+-------------------
Reporter: cvvergara | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords:
---------------------------+-------------------
Somewhere should advise to:
- Not use a nickname as an LDAP account, its giving half of the
information to login (the other half is the password)
https://www.wpwhitesecurity.com/hide-wordpress-usernames-improve-
wordpress-security/
Probably related to #2207 Users might want to use the nickname as
permalink nad their LDAP account is their nickname.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2208>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2208: ldap account name security
-----------------------+------------------------
Reporter: cvvergara | Owner: cvvergara
Type: task | Status: new
Priority: normal | Milestone:
Component: WebSite | Resolution:
Keywords: |
-----------------------+------------------------
Changes (by cvvergara):
* owner: sac@… => cvvergara
* component: Systems Admin => WebSite
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2208#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
#2208: ldap account name security
---------------------------+------------------------
Reporter: cvvergara | Owner: cvvergara
Type: task | Status: new
Priority: normal | Milestone:
Component: SysAdmin/LDAP | Resolution:
Keywords: |
---------------------------+------------------------
Changes (by strk):
* component: WebSite => SysAdmin/LDAP
Old description:
Somewhere should advise to:
- Not use a nickname as an LDAP account, its giving half of the
information to login (the other half is the password)
WordPress Security - How to Hide WordPress Usernames | Melapress
wordpress-security/
Probably related to #2207 Users might want to use the nickname as
permalink nad their LDAP account is their nickname.
New description:
Somewhere should advise to:
- Not use a nickname as an LDAP account, its giving half of the
information to login (the other half is the password)
WordPress Security - How to Hide WordPress Usernames | Melapress
wordpress-security/
Probably related to #2207 Users might want to use the nickname as
permalink and their LDAP account is their nickname.
--
Comment:
I've to say I find using nickname as LDAP username is very useful to find
each other.
Remmeber we support LDAP usernames to mention people in Trac. For instance
I could write cvvergara in the Cc field of this ticket to ensure you get
email notifications.
Requiring longer passwords and maybe password expiration would be good
security improvements. Ticket #1680 might provide both.
--
Ticket URL: <#2208 (ldap account name security) – OSGeo;
OSGeo <Gter - OSGeo;
OSGeo committee and general foundation issue tracker.