ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0015371ClearOSapp-users - User Managerpublic2017-06-19 07:162018-11-10 10:38
Reporterpbaldwin 
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusconfirmedResolutionopen 
PlatformOSOS Version
Product Version7.3.1 
Target Version7.6.0Fixed in Version 
Summary0015371: Review password requirements
DescriptionA number of characters are not allowed for passwords. This comes from the need to support the "lowest common denominator" across various systems, notably:

- CodeIgniter has a list of invalid characters, but we should just encode these.

- The maximum password length is set to 100. Windows 7 has a max of 127 characters.

Setting a maximum password length seems a bit odd in this day an age, but at the very least we should provide that reason to the end user. In other words, instead of showing:

   Error: password is too long

We should show:

   Error: to ensure Windows compatibility, passwords need to be less than X


In addition, passwords are checked using "cracklib" tools in order to prevent weak passwords. Can we get more useful feedback from that tool?
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0008601)
marclaporte (manager)
2018-11-10 10:38

FYI, Brendan added a password black list to Tiki:
https://sourceforge.net/p/tikiwiki/code/59973 [^]
https://doc.tiki.org/Password-Blacklists [^]

- Issue History
Date Modified Username Field Change
2017-06-19 07:17 pbaldwin New Issue
2017-06-19 07:17 pbaldwin Status new => confirmed
2017-08-18 10:02 pbaldwin Target Version 7.4.0 Beta 1 => 7.4.0 Updates
2018-02-12 10:18 pbaldwin Target Version 7.4.0 Updates => 7.5.0
2018-04-11 10:14 pbaldwin Target Version 7.5.0 => 7.6.0 Updates
2018-04-11 10:18 pbaldwin Target Version 7.6.0 Updates => 7.5.0 Updates
2018-04-11 10:43 pbaldwin Target Version 7.5.0 Updates => 7.5.0
2018-04-19 08:43 pbaldwin Target Version 7.5.0 => 7.5.0 Updates
2018-10-30 18:18 pbaldwin Target Version 7.5.0 Updates => 7.6.0
2018-11-10 10:38 marclaporte Note Added: 0008601