diff options
author | wangxiyuan <wangxiyuan@huawei.com> | 2018-08-20 11:02:52 +0800 |
---|---|---|
committer | wangxiyuan <wangxiyuan@huawei.com> | 2018-08-23 06:48:36 +0000 |
commit | 34609d557e68020c6a054282c4d206aaa26a0d67 (patch) | |
tree | 6c9e75f562b5995d01c9bf6f57ecc6cee38207e0 /keystone/conf | |
parent | c896f911efecfddf07a3d1117ced7fc271ee70cb (diff) | |
download | keystone-34609d557e68020c6a054282c4d206aaa26a0d67.tar.gz |
Change unique_last_password_count default to 0
Changing the default value of unique_last_password_count from
1 to 0, so that it can handle a case(when set to 1) that the
password history check only check one previous password.
Change-Id: Id368c99ca4926c995ea47959a6c3a438fffe1823
Closes-Bug: #1787874
Diffstat (limited to 'keystone/conf')
-rw-r--r-- | keystone/conf/security_compliance.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/keystone/conf/security_compliance.py b/keystone/conf/security_compliance.py index 3968bda69..5b27141b0 100644 --- a/keystone/conf/security_compliance.py +++ b/keystone/conf/security_compliance.py @@ -66,14 +66,14 @@ the `[identity] driver`. unique_last_password_count = cfg.IntOpt( 'unique_last_password_count', - default=1, - min=1, + default=0, + min=0, help=utils.fmt(""" This controls the number of previous user password iterations to keep in history, in order to enforce that newly created passwords are unique. The total number which includes the new password should not be greater or equal to this -value. Setting the value to one (the default) disables this feature. Thus, to -enable this feature, values must be greater than 1. This feature depends on +value. Setting the value to zero (the default) disables this feature. Thus, to +enable this feature, values must be greater than 0. This feature depends on the `sql` backend for the `[identity] driver`. """)) |