ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0015371ClearOSapp-users - User Managerpublic2017-06-19 07:162017-08-18 10:02
Reporterpbaldwin 
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusconfirmedResolutionopen 
PlatformOSOS Version
Product Version7.3.1 
Target Version7.4.0 UpdatesFixed in Version 
Summary0015371: Review password requirements
DescriptionA number of characters are not allowed for passwords. This comes from the need to support the "lowest common denominator" across various systems, notably:

- CodeIgniter has a list of invalid characters, but we should just encode these.

- The maximum password length is set to 100. Windows 7 has a max of 127 characters.

Setting a maximum password length seems a bit odd in this day an age, but at the very least we should provide that reason to the end user. In other words, instead of showing:

   Error: password is too long

We should show:

   Error: to ensure Windows compatibility, passwords need to be less than X


In addition, passwords are checked using "cracklib" tools in order to prevent weak passwords. Can we get more useful feedback from that tool?
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2017-06-19 07:17 pbaldwin New Issue
2017-06-19 07:17 pbaldwin Status new => confirmed
2017-08-18 10:02 pbaldwin Target Version 7.4.0 Beta 1 => 7.4.0 Updates