Le 08/08/2016 à 17:05, Matthieu Imbert a écrit :
Hello,
Hi,
Currently, there is no validation mechanism for user passwords, except checking that they are at least 6 characters long. This allows very weak passwords to be used, this can be a security issue.
In the master branch, password must be 8 characters long.
We (inria) would like to add at least some basic password validation.
+1
I've added simple password validation which ensures that passwords contain at least one lower case letter, one upper case, one digit, and one non-alphanumeric char. This is checked both when creating an account or when changing an account's password. Additionally, as this may cause some problems for particular fusionforge instances, I've added a config option (check_password_strength boolean) to deactivate this validation.patch attached.
Could you rebase your patch against latest master? Then could you create a "feature request" artifact and attach your patch? I will take a look after my vacation :-) Meaning: end of August. Regards, Franck -- TrivialDev Founder http://trivialdev.com
<<attachment: franck_villaume.vcf>>
_______________________________________________ Fusionforge-general mailing list Fusionforge-general@lists.fusionforge.org http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-general
