This is an automated email from the ASF dual-hosted git repository.
morningman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris-website.git
The following commit(s) were added to refs/heads/master by this push:
new f63b9b42f87 add new strong password doc (#3313)
f63b9b42f87 is described below
commit f63b9b42f87066aef32230696467aa191a0bf5a5
Author: Mingyu Chen (Rayner) <[email protected]>
AuthorDate: Wed Jan 28 16:23:16 2026 +0800
add new strong password doc (#3313)
## Versions
- [x] dev
- [x] 4.x
- [ ] 3.x
- [ ] 2.1
## Languages
- [x] Chinese
- [x] English
## Docs Checklist
- [ ] Checked by AI
- [ ] Test Cases Built
---
docs/admin-manual/auth/authentication-and-authorization.md | 11 +++++++++++
.../admin-manual/auth/authentication-and-authorization.md | 13 ++++++++++++-
.../admin-manual/auth/authentication-and-authorization.md | 13 ++++++++++++-
.../admin-manual/auth/authentication-and-authorization.md | 11 +++++++++++
4 files changed, 46 insertions(+), 2 deletions(-)
diff --git a/docs/admin-manual/auth/authentication-and-authorization.md
b/docs/admin-manual/auth/authentication-and-authorization.md
index 368ea45c29d..3302c38100d 100644
--- a/docs/admin-manual/auth/authentication-and-authorization.md
+++ b/docs/admin-manual/auth/authentication-and-authorization.md
@@ -87,6 +87,17 @@ Doris supports the following password policies to assist
users in better passwor
- `SET validate_password_policy=STRONG`
+ Since Doris 4.0.4, the password strength validation policy has been
enhanced as follows:
+
+ 1. When `validate_password_policy` is set to `STRONG/2`, the password must
**contain all 4 character types** (uppercase letters, lowercase letters,
numbers, and special characters), instead of the previous "3 out of 4"
requirement.
+
+ 2. Added **dictionary word check**: passwords cannot contain common weak
words (such as password, admin, test, root, etc.). The system includes a
built-in dictionary of common weak words, and passwords containing these words
will be rejected.
+
+ 3. Support for **custom dictionary files**: you can specify a custom
dictionary filename via the global variable
`validate_password_dictionary_file`. The dictionary file should be placed in
the `${DORIS_HOME}/plugins/security/` directory. The file format is one word
per line; empty lines and lines starting with `#` are ignored.
+
+ Example:
+ - `SET GLOBAL validate_password_dictionary_file = 'my_dictionary.txt'`
+
For more help, please refer to [ALTER
USER](../../sql-manual/sql-statements/account-management/ALTER-USER.md).
### LDAP-based Authentication Scheme
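Review bot: Item 3 does not say whether the file named in `validate_password_dictionary_file` replaces the built-in dictionary or is checked in addition to it, nor what happens when the named file is not present in `${DORIS_HOME}/plugins/security/`. Suggest adding one sentence for each case, so an administrator knows whether a short custom list weakens the check and whether a missing file silently disables it.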
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authentication-and-authorization.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authentication-and-authorization.md
index f782fa6d7c0..ed6be6c622f 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authentication-and-authorization.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/admin-manual/auth/authentication-and-authorization.md
@@ -81,12 +81,23 @@ Doris 支持以下密码策略,可以帮助用户更好的进行密码管理
4. 密码强度
- 该功能由全局变量 `validate_password_policy` 控制。默认为 `NONE/0`,即不检查密码强度。如果设置为
`STRONG/2`,则密码必须包含“大写字母”,“小写字母”,“数字”和“特殊字符”中的 3 项,并且长度必须大于等于 8。
+ 该功能由全局变量 `validate_password_policy` 控制。默认为 `NONE/0`,即不检查密码强度。如果设置为
`STRONG/2`,则密码必须包含"大写字母","小写字母","数字"和"特殊字符"中的 3 项,并且长度必须大于等于 8。
示例:
- `SET validate_password_policy=STRONG`
+ 自 Doris 4.0.4 版本起,密码强度验证策略做了以下增强:
+
+ 1. 当 `validate_password_policy` 设置为 `STRONG/2` 时,密码必须**同时包含全部 4
种字符类型**(大写字母、小写字母、数字和特殊字符),而不是之前的"4 选 3"。
+
+ 2. 新增**字典词检查**功能:密码不能包含常见的弱密码词(如 password、admin、test、root
等)。系统内置了常见弱密码词典,当密码中包含这些词时会被拒绝。
+
+ 3. 支持**自定义字典文件**:可以通过全局变量 `validate_password_dictionary_file`
指定自定义的字典文件名。字典文件需放置在 `${DORIS_HOME}/plugins/security/` 目录下。文件格式为每行一个词,空行和以 `#`
开头的行会被忽略。
+
+ 示例:
+ - `SET GLOBAL validate_password_dictionary_file = 'my_dictionary.txt'`
+
更多帮助,请参阅[ALTER
USER](../../sql-manual/sql-statements/account-management/ALTER-USER)。
### 基于 LDAP 的认证方案
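Review bot: The rewritten 密码强度 paragraph changes only the quotation marks (curly to straight) and still states that `STRONG/2` requires 3 of the 4 character types ("3 项"), which the added item 1 says no longer holds from 4.0.4. Suggest dropping the quote-only change and instead qualifying that sentence as the behaviour before 4.0.4, so a reader who stops at the first paragraph does not take the 3-of-4 rule as current.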
diff --git
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
index f782fa6d7c0..ed6be6c622f 100644
---
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
+++
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
@@ -81,12 +81,23 @@ Doris 支持以下密码策略,可以帮助用户更好的进行密码管理
4. 密码强度
- 该功能由全局变量 `validate_password_policy` 控制。默认为 `NONE/0`,即不检查密码强度。如果设置为
`STRONG/2`,则密码必须包含“大写字母”,“小写字母”,“数字”和“特殊字符”中的 3 项,并且长度必须大于等于 8。
+ 该功能由全局变量 `validate_password_policy` 控制。默认为 `NONE/0`,即不检查密码强度。如果设置为
`STRONG/2`,则密码必须包含"大写字母","小写字母","数字"和"特殊字符"中的 3 项,并且长度必须大于等于 8。
示例:
- `SET validate_password_policy=STRONG`
+ 自 Doris 4.0.4 版本起,密码强度验证策略做了以下增强:
+
+ 1. 当 `validate_password_policy` 设置为 `STRONG/2` 时,密码必须**同时包含全部 4
种字符类型**(大写字母、小写字母、数字和特殊字符),而不是之前的"4 选 3"。
+
+ 2. 新增**字典词检查**功能:密码不能包含常见的弱密码词(如 password、admin、test、root
等)。系统内置了常见弱密码词典,当密码中包含这些词时会被拒绝。
+
+ 3. 支持**自定义字典文件**:可以通过全局变量 `validate_password_dictionary_file`
指定自定义的字典文件名。字典文件需放置在 `${DORIS_HOME}/plugins/security/` 目录下。文件格式为每行一个词,空行和以 `#`
开头的行会被忽略。
+
+ 示例:
+ - `SET GLOBAL validate_password_dictionary_file = 'my_dictionary.txt'`
+
更多帮助,请参阅[ALTER
USER](../../sql-manual/sql-statements/account-management/ALTER-USER)。
### 基于 LDAP 的认证方案
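Review bot: The two examples in this hunk set their variables differently: the existing `SET validate_password_policy=STRONG` has no `GLOBAL`, while the added `SET GLOBAL validate_password_dictionary_file = 'my_dictionary.txt'` does, although the text describes both as global variables (全局变量). Suggest making the two examples consistent, or adding a sentence on why the scope keyword is needed only for the second.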
diff --git
a/versioned_docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
b/versioned_docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
index 368ea45c29d..3302c38100d 100644
---
a/versioned_docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
+++
b/versioned_docs/version-4.x/admin-manual/auth/authentication-and-authorization.md
@@ -87,6 +87,17 @@ Doris supports the following password policies to assist
users in better passwor
- `SET validate_password_policy=STRONG`
+ Since Doris 4.0.4, the password strength validation policy has been
enhanced as follows:
+
+ 1. When `validate_password_policy` is set to `STRONG/2`, the password must
**contain all 4 character types** (uppercase letters, lowercase letters,
numbers, and special characters), instead of the previous "3 out of 4"
requirement.
+
+ 2. Added **dictionary word check**: passwords cannot contain common weak
words (such as password, admin, test, root, etc.). The system includes a
built-in dictionary of common weak words, and passwords containing these words
will be rejected.
+
+ 3. Support for **custom dictionary files**: you can specify a custom
dictionary filename via the global variable
`validate_password_dictionary_file`. The dictionary file should be placed in
the `${DORIS_HOME}/plugins/security/` directory. The file format is one word
per line; empty lines and lines starting with `#` are ignored.
+
+ Example:
+ - `SET GLOBAL validate_password_dictionary_file = 'my_dictionary.txt'`
+
For more help, please refer to [ALTER
USER](../../sql-manual/sql-statements/account-management/ALTER-USER.md).
### LDAP-based Authentication Scheme
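Review bot: Item 2 neither ties the dictionary check to a policy level nor defines the match. Item 1 is scoped to `STRONG/2`, but items 2 and 3 do not say whether the check also runs when the policy is not `STRONG/2`, and "cannot contain" reads as a substring match without stating case sensitivity, which matters with short entries such as `test` and `root`. Suggest stating the policy level at which the check applies, that matching is by substring if that is the case, and whether it ignores case.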