From 4bbd1c873abcbccf943889a8c44f77f8591023b4 Mon Sep 17 00:00:00 2001 From: cooper-lzy <78672629+cooper-lzy@users.noreply.github.com> Date: Wed, 5 Jan 2022 15:02:24 +0800 Subject: [PATCH 1/5] Add constraints on invalid password attempts --- .../7.data-security/1.authentication/1.authentication.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs-2.0/7.data-security/1.authentication/1.authentication.md b/docs-2.0/7.data-security/1.authentication/1.authentication.md index 17d1986de52..6e66a1aa220 100644 --- a/docs-2.0/7.data-security/1.authentication/1.authentication.md +++ b/docs-2.0/7.data-security/1.authentication/1.authentication.md @@ -16,7 +16,13 @@ Local authentication indicates that usernames and passwords are stored locally o ### Enable local authentication -1. Modify the `nebula-graphd.conf` file (`/usr/local/nebula/etc/` is the default path), set `--enable_authorize=true` and save the modification. +1. Modify the `nebula-graphd.conf` file (`/usr/local/nebula/etc/` is the default path), set the parameters as followis: + + - `--enable_authorize`: Whether to enable authentication, optional values are true or false. + + - `--failed_login_attempts`: The parameter is optional, you need to add this parameter manually. The number of consecutive incorrect passwords allowed by a single Graph service. When the number exceeds the limitation, the account will be locked. If there are multiple Graph services, the allowed number of times is `number of services * failed_login_attempts`. + + - `--password_lock_time_in_secs`: The parameter is optional, you need to add this parameter manually. Duration of account locking after multiple incorrect passwords is entered. Unit: second. 2. Restart the Nebula Graph services. For how to restart, see [Manage Nebula Graph services](../../2.quick-start/5.start-stop-service.md). From a93b068919c30010507ba1cc3afebc1f074b1381 Mon Sep 17 00:00:00 2001 From: cooper-lzy <78672629+cooper-lzy@users.noreply.github.com> Date: Tue, 11 Jan 2022 13:57:21 +0800 Subject: [PATCH 2/5] Update docs-2.0/7.data-security/1.authentication/1.authentication.md Co-authored-by: randomJoe211 <69501902+randomJoe211@users.noreply.github.com> --- docs-2.0/7.data-security/1.authentication/1.authentication.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-2.0/7.data-security/1.authentication/1.authentication.md b/docs-2.0/7.data-security/1.authentication/1.authentication.md index 6e66a1aa220..41e5d6a7e69 100644 --- a/docs-2.0/7.data-security/1.authentication/1.authentication.md +++ b/docs-2.0/7.data-security/1.authentication/1.authentication.md @@ -16,7 +16,7 @@ Local authentication indicates that usernames and passwords are stored locally o ### Enable local authentication -1. Modify the `nebula-graphd.conf` file (`/usr/local/nebula/etc/` is the default path), set the parameters as followis: +1. Modify the `nebula-graphd.conf` file (`/usr/local/nebula/etc/` is the default path) to set the following parameters: - `--enable_authorize`: Whether to enable authentication, optional values are true or false. From e97b4becc18665fe3cfaaf5f67ea846698bda49c Mon Sep 17 00:00:00 2001 From: cooper-lzy <78672629+cooper-lzy@users.noreply.github.com> Date: Tue, 11 Jan 2022 13:57:37 +0800 Subject: [PATCH 3/5] Update docs-2.0/7.data-security/1.authentication/1.authentication.md Co-authored-by: randomJoe211 <69501902+randomJoe211@users.noreply.github.com> --- docs-2.0/7.data-security/1.authentication/1.authentication.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-2.0/7.data-security/1.authentication/1.authentication.md b/docs-2.0/7.data-security/1.authentication/1.authentication.md index 41e5d6a7e69..ea7d52ae9ee 100644 --- a/docs-2.0/7.data-security/1.authentication/1.authentication.md +++ b/docs-2.0/7.data-security/1.authentication/1.authentication.md @@ -18,7 +18,7 @@ Local authentication indicates that usernames and passwords are stored locally o 1. Modify the `nebula-graphd.conf` file (`/usr/local/nebula/etc/` is the default path) to set the following parameters: - - `--enable_authorize`: Whether to enable authentication, optional values are true or false. + - `--enable_authorize`: Set its value to `true` to enable authentication. - `--failed_login_attempts`: The parameter is optional, you need to add this parameter manually. The number of consecutive incorrect passwords allowed by a single Graph service. When the number exceeds the limitation, the account will be locked. If there are multiple Graph services, the allowed number of times is `number of services * failed_login_attempts`. From a26974fc320ca72ad02e6721476b47bce9f4987e Mon Sep 17 00:00:00 2001 From: cooper-lzy <78672629+cooper-lzy@users.noreply.github.com> Date: Tue, 11 Jan 2022 13:58:52 +0800 Subject: [PATCH 4/5] Update docs-2.0/7.data-security/1.authentication/1.authentication.md Co-authored-by: abby.huang <78209557+abby-cyber@users.noreply.github.com> --- docs-2.0/7.data-security/1.authentication/1.authentication.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-2.0/7.data-security/1.authentication/1.authentication.md b/docs-2.0/7.data-security/1.authentication/1.authentication.md index ea7d52ae9ee..d9325ebe7c3 100644 --- a/docs-2.0/7.data-security/1.authentication/1.authentication.md +++ b/docs-2.0/7.data-security/1.authentication/1.authentication.md @@ -20,7 +20,7 @@ Local authentication indicates that usernames and passwords are stored locally o - `--enable_authorize`: Set its value to `true` to enable authentication. - - `--failed_login_attempts`: The parameter is optional, you need to add this parameter manually. The number of consecutive incorrect passwords allowed by a single Graph service. When the number exceeds the limitation, the account will be locked. If there are multiple Graph services, the allowed number of times is `number of services * failed_login_attempts`. + - `--failed_login_attempts`: This parameter is optional, and you need to add this parameter manually. Specify the attempts of continuously entering incorrect passwords for a single Graph service. When the number exceeds the limitation, your account will be locked. For multiple Graph services, the allowed attempts are `number of services * failed_login_attempts`. - `--password_lock_time_in_secs`: The parameter is optional, you need to add this parameter manually. Duration of account locking after multiple incorrect passwords is entered. Unit: second. From b7d59b3a84954377ad45ed5ff8accc5b13904558 Mon Sep 17 00:00:00 2001 From: cooper-lzy <78672629+cooper-lzy@users.noreply.github.com> Date: Tue, 11 Jan 2022 13:58:58 +0800 Subject: [PATCH 5/5] Update docs-2.0/7.data-security/1.authentication/1.authentication.md Co-authored-by: abby.huang <78209557+abby-cyber@users.noreply.github.com> --- docs-2.0/7.data-security/1.authentication/1.authentication.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-2.0/7.data-security/1.authentication/1.authentication.md b/docs-2.0/7.data-security/1.authentication/1.authentication.md index d9325ebe7c3..bc5fdd29d9e 100644 --- a/docs-2.0/7.data-security/1.authentication/1.authentication.md +++ b/docs-2.0/7.data-security/1.authentication/1.authentication.md @@ -22,7 +22,7 @@ Local authentication indicates that usernames and passwords are stored locally o - `--failed_login_attempts`: This parameter is optional, and you need to add this parameter manually. Specify the attempts of continuously entering incorrect passwords for a single Graph service. When the number exceeds the limitation, your account will be locked. For multiple Graph services, the allowed attempts are `number of services * failed_login_attempts`. - - `--password_lock_time_in_secs`: The parameter is optional, you need to add this parameter manually. Duration of account locking after multiple incorrect passwords is entered. Unit: second. + - `--password_lock_time_in_secs`: This parameter is optional, and you need to add this parameter manually. Specify the time how long your account is locked after multiple incorrect password entries are entered. Unit: second. 2. Restart the Nebula Graph services. For how to restart, see [Manage Nebula Graph services](../../2.quick-start/5.start-stop-service.md).