Michael Jung wrote:
> With the e-smith-password page I'm able to set a three letter password as
a user. So
> as the administrator I have no chance to force a minimum of password
strenght.
On the other side, I noticed that E-Smith validates only the first eight
characters of a password, not more - at least, v.4.0.1 does.
In other words, if a user chooses "MickeyMouse" as his/her password, a
succesful logon happens even if the passwords given are "MickeyMonster",
"MickeyMoBetterBlues" or just "MickeyMo"...
If you think that an administrator should set a minimum password lengt, I
guess he/she should be able to set a maximum significative password lenght
larger than eight characters as well... O:)
--
Pierluigi Miranda
