MongoByte MongoDB Logo

Welcome to the new MongoDB Feedback Portal!

{Improvement: "Your idea"}
We’ve upgraded our system to better capture and act on your feedback.
Your feedback is meaningful and helps us build better products.

Add new feedback Subscribe
Status Submitted
Categories Database
Created by Guest
Created on Jun 16, 2020

RELATED FEEDBACK

Password enforcement without LDAP

Enforce complex password policy Enforce password expiration Enforce password history
  • Attach files
  • Guest
    Mar 10, 2025
    please enable password last change date,expiration date, created date with password login failure count, password complexity etc ..like profile in RDBMS
    Reply
  • Guest
    Mar 5, 2024
    It's a critical request for enterprise for SCRAM authenticated users though it can be achieved using external authentication plugin like Kerberos/LDAP etc.
    Reply
  • Guest
    May 27, 2021
    Thanks for the feature request. For folks looking to implement password policies for the SCRAM method, we recommend using Hashicorp. Vault provides comprehensive life cycle management for passwords, as well as certificates. Vault has a secrets engine for MongoDB. https://www.vaultproject.io/docs/secrets/databases/mongodb
    Reply
  • Guest
    Apr 6, 2021
    It will be great to add password enforcement policy (to meet SOX requirement & security) within MongoDB itself, instead of using LDAP. It will reduce dependency with AD system. We are facing lot of issues by adopting AD/ LDAP user. Business users are frustrated with this. We ended up developing our own custom tools do this. This adds too much work.
    Reply
  • Guest
    Nov 3, 2020
    We need a password expiry and auto new password reset after few days.
    Reply
  • Guest
    Jun 16, 2020
    My banking customer cant use LDAP or Kerebros as external authentication, But they ask mongodb should provide strong password policy to meet the audit policy of the bank. I hope mongodb can provide this feature soon.
    Reply