Giter VIP home page Giter VIP logo

Comments (4)

daar avatar daar commented on June 2, 2024

I'm planning to work on this issue here: https://github.com/daar/filament-breezy

from filament-breezy.

ankkk avatar ankkk commented on June 2, 2024

So, you might think that forcing people to change their password every so often is a great way to keep things secure. But actually, the National Institute of Standards and Technology (NIST) says that’s not the case anymore. Password expiration policies don’t really do much to make passwords stronger, and can even make them weaker if people are constantly coming up with new ones that are easy to guess.
So, instead of relying on password expiration, it’s better to encourage people to choose strong and unique passwords, use 2FA, and keep an eye out for any weird activity on their accounts. That way, you can keep things safe without making everyone change their password every other week.

Section: 5.1.1.2 Memorized Secret Verifiers:

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf

from filament-breezy.

daar avatar daar commented on June 2, 2024

Absolutely, you're right! Strong passwords and 2FA are widely acknowledged as effective means of safeguarding data. However, there may be scenarios where implementing 2FA is impractical, particularly when collaborating with individuals who have limited experience with computers. In such situations, incorporating password expiration can provide an alternative layer of security by ensuring that passwords are regularly updated, thereby reducing the risk of compromised accounts.
Laravel provides various validation methods for passwords, that assess the strength of passwords and checks whether a provided password is uncompromised. By combining these strong passwords with additional security measures such as password expiration or 2FA, we have all the tools in place to keep data secured.

from filament-breezy.

jeffgreco13 avatar jeffgreco13 commented on June 2, 2024

This will be worked on in v2, to some degree, and will be released sometime after Filament v3 stable is released in August.
I won't implement this in v1, as I consider v1 to be feature complete.

Check for updates to the repo!

from filament-breezy.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.