[
https://issues.apache.org/jira/browse/ROL-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13618374#comment-13618374
]
Noah Slater commented on ROL-1959:
----------------------------------
I would note that the new title does not accurately reflect the nature of my
bug report.
If I were to retitle it, I would put:
"Enhance Roller to do server-side validation of password length"
I will leave this to your discretion, however.
Completely coincidentally, there is a post about this password lengths on
Hacker News right now:
What technical reasons are there to have low maximum password lengths?
http://security.stackexchange.com/questions/33470/what-technical-reasons-are-there-to-have-low-maximum-password-lengths
Again though, that's not really the core of my bug report. I just think Roller
should do server-side validation instead of munging critical authentication
information, where that munging can result in people being effectively locked
out of Roller.
> Enhance Roller to support Infinite Length passwords
> ---------------------------------------------------
>
> Key: ROL-1959
> URL: https://issues.apache.org/jira/browse/ROL-1959
> Project: Roller
> Issue Type: Improvement
> Reporter: Noah Slater
> Assignee: Roller Unassigned
> Attachments: roller_password_screenshot.png
>
>
> Sorry for the vague ticket title. I don't want to make presumptions about the
> issue.
> Steps to reproduce:
> 1. Log in
> 2. Set your password to something long and complex like:
> xaQ}W,3tg4.VkAy4b398C9cRu8gE$vm{%f}V;L96bJyWf}#ELa
> 3. Log out
> 4. Try to log back in again
> What I see:
> I am unable to log in.
> What I expect to see:
> I am able to log in.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
