ClearOS Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0015371ClearOSapp-users - User Managerpublic2017-06-19 07:162018-04-19 08:43
Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
PlatformOSOS Version
Product Version7.3.1 
Target Version7.5.0 UpdatesFixed in Version 
Summary0015371: Review password requirements
DescriptionA number of characters are not allowed for passwords. This comes from the need to support the "lowest common denominator" across various systems, notably:

- CodeIgniter has a list of invalid characters, but we should just encode these.

- The maximum password length is set to 100. Windows 7 has a max of 127 characters.

Setting a maximum password length seems a bit odd in this day an age, but at the very least we should provide that reason to the end user. In other words, instead of showing:

   Error: password is too long

We should show:

   Error: to ensure Windows compatibility, passwords need to be less than X

In addition, passwords are checked using "cracklib" tools in order to prevent weak passwords. Can we get more useful feedback from that tool?
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2017-06-19 07:17 pbaldwin New Issue
2017-06-19 07:17 pbaldwin Status new => confirmed
2017-08-18 10:02 pbaldwin Target Version 7.4.0 Beta 1 => 7.4.0 Updates
2018-02-12 10:18 pbaldwin Target Version 7.4.0 Updates => 7.5.0
2018-04-11 10:14 pbaldwin Target Version 7.5.0 => 7.6.0 Updates
2018-04-11 10:18 pbaldwin Target Version 7.6.0 Updates => 7.5.0 Updates
2018-04-11 10:43 pbaldwin Target Version 7.5.0 Updates => 7.5.0
2018-04-19 08:43 pbaldwin Target Version 7.5.0 => 7.5.0 Updates