DokuWiki Installer

:

This page assists in the first time installation and configuration of Dokuwiki. More info on this installer is available on it's own documentation page.

DokuWiki uses ordinary files for the storage of wiki pages and other information associated with those pages (e.g. images, search indexes, old revisions, etc). In order to operate successfully DokuWiki must have write access to the directories that hold those files. This installer is not capable of setting up directory permissions. That normally needs to be done directly on a command shell or if you are using hosting, through FTP or your hosting control panel (e.g. cPanel).

This installer will setup your DokuWiki configuration for ACL, which in turn allows administrator login and access to DokuWiki's admin menu for installing plugins, managing users, managing access to wiki pages and alteration of configuration settings. It isn't required for DokuWiki to operate, however it will make Dokuwiki easier to administer.

Experienced users or users with special setup requirements should use these links for details concerning installation instructions and configuration settings.

For security reasons this script will only work with a new and unmodified Dokuwiki installation. You should either re-extract the files from the downloaded package or consult the complete Dokuwiki installation instructions

driven by DokuWiki powered by PHP
Password Security [Mantis Bug Tracker Wiki]

User Tools

Site Tools


mantisbt:password_security

Password Security

Author: Adam Sutton

Introduction

Mantis currently lacks support for advanced password security features commonly employed by security concious applications / organisations. These features are important when the database contains sensitive information and users may be inclined to use weak passwords. The features that would be required are:

  • Password strength checking / enforcement
  • Password periodic changing
  • Password history

Database Changes

  • Add a password history table.
  • [Optional] Add a password_updated field to the user table. This is duplication of information, though could simplify integration tasks and implementation where password history is not required.

Configuration Changes

  • Add a configuration option for the password strength threshold
  • Add a configuration option for the password usage period (eg how often it must be changed)
  • Add a configuration option for the size of the password history

General Changes

  • Support password strength checking on password update page.
  • Support password history checking on password update page.
  • Support password expiration checking as part of authentication process.

Reminders

Feedback

Please add your comments and feedback in this section.

  • I'm not currently sure how password expiration should be handled. I can think of 2 possible options. 1) Provide screen to allow user to update their password. 2) Automatically send user new password by email (if supported by config).
mantisbt/password_security.txt · Last modified: 2011/11/16 07:40 by atrol