iRedAdmin-Pro: Default password restrictions

Attention

Restarting Apache or uwsgi (if you're running Nginx) service is required after updated iRedAdmin config file.

Warning

The weakest part of a mail server is user's weak password. Email spammers don't want to hack your server, they just want to send spam from your server. Please ALWAYS ALWAYS ALWAYS force users to use strong password.

Password length

You can define required password length in iRedAdmin config file, parameters:

# 0 means unlimited, but at least 1 character is required.
min_passwd_length = 8
max_passwd_length = 0

It's also supported to set a per-domain password length in domain profile page.

Password policy

iRedAdmin-Pro has some default password restrictions, you can find default settings in file libs/default_settings.py under iRedAdmin-Pro directory. If you want to change them, please copy the parameters to iRedAdmin-Pro config file settings.py then update their values. Restarting Apache or uwsgi (if you're running Nginx) service is required after modified settings.py.

# default password restriction setting in file: libs/default_settings.py

# Special characters which can be used in password.
PASSWORD_SPECIAL_CHARACTERS = """#$%&'"*+-,.:;!<=>?@[]/\(){}^_`~"""

# Must contain at least one letter, one uppercase letter, one number, one special character
PASSWORD_HAS_LETTER = True
PASSWORD_HAS_UPPERCASE = True
PASSWORD_HAS_NUMBER = True
PASSWORD_HAS_SPECIAL_CHAR = True

For example, if you don't want to enforce upper case in password, set below parameter in iRedAdmin-Pro config file settings.py:

PASSWORD_HAS_UPPERCASE = False