https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30605
Bug ID: 30605
Summary: New password should be more than just unequal to old
password
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
From a comment on bug 29925:
If my password was 123Jim+1, and I just change to 123Jim+2, or change 3Jim@abc
to 4Jim@abc, could we refuse such changes?
Look for some 'large enough' string that they have in common or so?
Or compare the number of positions where they are different?
Note that it might be possible to move such code into a check_password plugin,
but we would need the old and new password when calling ->set_password.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
