[Koha-bugs] [Bug 21187] New: GDPR: Force patrons password renew
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Aug 9 15:25:56 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21187
Bug ID: 21187
Summary: GDPR: Force patrons password renew
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: vfernandes at keep.pt
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
Under the auspices of the recently issued European legislation regarding data
privacy (GDPR), the Portuguese government has issued a series of mandatory
requirements, as well as general recommendations, for software applications
that are implemented under the umbrella of public bodies (RCM 41/2018).
Since Koha is mostly used by municipalities and universities in Portugal, some
of these mandatory requirements need to be address by Koha implementers in
Portugal.
We believe that this requirement is also useful for the community at large.
Here’s a description of the requirement.
*** Requirement description ***
The application MUST ensure that the user changes his password frequently. If
the user doesn’t change is password it should be impeded from using the
application until he does so.
Having a setting where one can define the number of days until a password
becomes invalid is necessary. The recommendation is 6 months for standard
users, and 3 months for administrators.
*** Scope ***
Only applicable for passwords managed by Koha. When using a centralized
authentication system, this task should be managed by the central
authentication system.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list