My quick dig shows that this question was raised about a year ago - I'd already done some looking into it, so I'll repost the same answer (apologies as my original answer was posted on a Saturday with a beer in hand).
I've since found that some updates to BX either reset this tweak or prevent it completely, but it might be a nudge forwards. As a by the way, I once had a site compromised caused by user 'stephen' who had a password of, yes, the same - the 2Gb hosting space was full of all manner of iffy clutter. This was BQ though, not BX. I would never want simple passwords on a live box - I only tweaked it for my local home/test box. HTH Richard --- original post from April 2010 --- OK, I'll start with a disclaimer... strong password checking is a damn good thing and the guys or girls that put it together did a mighty fine job at helping to keep our boxes secure. However, if for some reason outside the realm of normal mortal thinking it is necessary to disable it... try the following: su - pico /usr/sausalito/ui/web/uifc/check_password.php There is a line that says: $password = $_POST["password"]; Directly under it and before the $dictionary... line, add the following to overwrite the variable with a strong password. Such as: $password = "fl1pp1nL0ngP855w0rd"; Exit pico, save and password checking is disabled. It might get overwritten during an update so don't be surprised if it suddenly works again. There's a good little ebook floating around called 'nix_intrusion.pdf' (Google knows it). You might want to keep it handy :o) Hope this helps. Richard ----- Original Message ----- From: "Samuel Lentz" <[email protected]> To: "BlueOnyx General Mailing List" <[email protected]> Sent: Friday, April 01, 2011 3:46 PM Subject: [BlueOnyx:06857] Re: Disable Strong Passwords > On 04/01/2011 10:17 AM, Chris Gebhardt - VIRTBIZ Internet wrote: >> Samuel Lentz wrote: >>> I have done is once before but have forgotten how. >>> >>> Dose anyone know the location of the file that needs to be edited to >>> disable strong passwords for users? >> Just set everything to "password". That ought to fix it. :0 >> >> Honestly, the strong password requirement has been one of the best >> implementations on the BlueOnyx project yet. I know it frustrates the >> lazy, but it also helps to prevent them from allowing the box to get >> compromised. >> >> Before you keep digging on the how-to, you really need to evaluate - >> again - do you REALLY want to (because the only responsible answer is >> that no, you do not.) >> > I am all for the strong passwords. I like the strong passwords. It is > our client that needs the passwords to be week and puney. I did talks > about it for about an hour that they insist on it. > > > _______________________________________________ > Blueonyx mailing list > [email protected] > http://www.blueonyx.it/mailman/listinfo/blueonyx _______________________________________________ Blueonyx mailing list [email protected] http://www.blueonyx.it/mailman/listinfo/blueonyx
