Password policy

Discussion in 'Ideas' started by NetVu IT, Apr 7, 2017.

Password policy 5 5 3votes
5/5, 3 votes

  1. NetVu IT

    Joined:
    Mar 16, 2017
    Messages:
    21
    Likes Received:
    0
    Hi, I'd like to see an option to define a minimum password length for SIP accounts and voicemail. For one of the sites I maintain, SIP accounts have to use passwords of at least 16 characters, consisting of mixed case and numbers. For voicemail these have to be at least 6 digits. It'd be nice when adding/updating an extension if these requirements were automatically accounted for.
     
  2. craigreilly

    craigreilly Well-Known Member

    Joined:
    Feb 1, 2012
    Messages:
    3,128
    Likes Received:
    207
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. PaulD

    Joined:
    Jul 4, 2010
    Messages:
    88
    Likes Received:
    9
    +1
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,586
    Likes Received:
    252
    I can understand a desire to increase the length of the VM pin, but even your bank PIN number (the ones I've been using) is normally only 4 digits, and, can be quickly changed if you feel it has been compromised. The logs also allows you to see who is dialling in, if hacking is suspected.
    As far as SIP passwords being 16 characters...users should not even be aware of what the password is, there is no need. It is never (normally) divulged, or visible, even if they are able to go into a the sets settings, at least the ones I've dealt with. I do (manually) use a longer password on most sets, but haven't tried anything more than about 10 digits.