DOC-2278: Combine Login and Password Policies; add Password Policy rules to Configuration Parameters (4.1) #513
Conversation
[DOC-2103] configuration-parameters about password policy
zhihuapengtg
changed the title
zhihuapengtg
changed the title
|
@arun-TG-PM @victorleeTG Please help review this PR for the comment: https://graphsql.atlassian.net/browse/DOC-2103?focusedCommentId=167492, thanks! |
victorleeTG
changed the title
victorleeTG
changed the title
| == Login Protection | ||
|
|
||
| Login protection is a security feature that helps safeguard user accounts from unauthorized access, enhancing overall account security. | ||
| See xref:tigergraph-server:security:login-protection[] for a detailed description |
There was a problem hiding this comment.
| See xref:tigergraph-server:security:login-protection[] for a detailed description | |
| See xref:login-protection[] for a detailed description |
There was a problem hiding this comment.
If referencing a page within the same component/repo, do not give the name of the component.
The reason why is: referencing the component with jump to the newest version of that component (if you didn't specify a version).
| :pp: {plus}{plus} | ||
| :page-aliases: README.adoc, readme.adoc | ||
|
|
||
| Tigergraph provides complexity password policy and login protection to improve the security. |
There was a problem hiding this comment.
| Tigergraph provides complexity password policy and login protection to improve the security. | |
| TigerGraph provides a complex password policy and login protection to enhance security. |
There was a problem hiding this comment.
@anjaliIthapeTG We don't have a complex policy (or at least I hope we don't). We offer optional built-in rules for the complexity of passwords, e.g. the password must have a letters, numbers, and special characters.
There was a problem hiding this comment.
@victorleeTG My apologies for the oversight. I’ll review the documentation mentioned on the website and will update again
| :pp: {plus}{plus} | ||
| :page-aliases: README.adoc, readme.adoc | ||
|
|
||
| Tigergraph provides complexity password policy and login protection to improve the security. |
There was a problem hiding this comment.
We could also include reasons why a complex password policy and login protection are necessary and how can it help users
| @@ -1,7 +1,9 @@ | |||
| = Password Policy | |||
| :description: Overview of password policy. | |||
|
|
|||
| This guide provides instructions on how to configure and enforce password complexity policies. | |||
| The password policy allows administrators to flexibly set rules that must be followed when creating passwords, including password expiration, password rotation rules, and password complexity requirements. The purpose of this policy is to enhance system security, as administrators can establish different levels of password complexity requirements to reduce the risks of unauthorized access and data breaches. Through the password policy, the system can promote secure password management practices and strengthen overall system security. | |||
There was a problem hiding this comment.
On Page "login-password","Password Policy" section provides the definition of a password policy, and the above i.e. "Password Policy" section under page "password-policy" ,explains its purpose. Rather than giving two different explanations, we can combine them into one comprehensive statement that defines the policy and highlights its importance in enhancing security.
There was a problem hiding this comment.
I agree that we should provide a unified overview of the features and benefits. It is reasonable to say a few words about the benefits, but I consider the purpose of password rules to be quite obvious to the general reader. Every consumer has passwords and has been affected by password rules. Including a sentence about the benefits will be good for search engine ranking, though.
There was a problem hiding this comment.
It would be easier for users to understand if, on the login-password page, we mention the importance of password policy and login protection and on the login-protection page, we should solely mention the importance of login protection along with all the basic definitions. Similarly, we can do the same with the password-policy page.
DOC-2103 configuration-parameters about password policy
DOC-2278 Improv: Combine Login and Password Policies into one section