https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19514
Bug ID: 19514
Summary: No Password restrictions in onboarding tool patron
creation
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: ASSIGNED
Severity: critical
Priority: P3
Component: Installation and upgrade (web-based installer)
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
When a superlibrarian user account is created in the onboarding tool there is
no checking of the password other than checking the two inputted password
values are matching.
This means the password length, complexity and if it contains whitespace is not
checked. This means users can enter in weak passwords causing a security
vulnerability which is particularly bad in this case because a superlibrarian
user is being created.
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
