[
https://issues.apache.org/jira/browse/JSPWIKI-1248?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18041547#comment-18041547
]
ASF subversion and git services commented on JSPWIKI-1248:
----------------------------------------------------------
Commit 33d2669e2589cbe97c7f13c8e31bfba65c3165c8 in jspwiki's branch
refs/heads/dependabot/maven/lucene.version-10.3.1 from Alex O'Ree
[ https://gitbox.apache.org/repos/asf?p=jspwiki.git;h=33d2669e2 ]
JSPWIKI-1248 after testing on the live server, it was noted that the default
setting is 0 characters must be changed when changing passwords. so you can
keep reusing the same one over and over again. changed to at least 1.
> Additional password change check to enforce X number of characters are
> different from the original
> --------------------------------------------------------------------------------------------------
>
> Key: JSPWIKI-1248
> URL: https://issues.apache.org/jira/browse/JSPWIKI-1248
> Project: JSPWiki
> Issue Type: New Feature
> Reporter: Alex O'Ree
> Assignee: Alex O'Ree
> Priority: Major
> Labels: pull-request-available
> Fix For: 3.0.0
>
>
> i think the idea is to prevent password1, password2, password3 type of
> changes. it'll be configurable of course.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
