Also, does the code below replace the old "password1" section? Which looked like this.


      <tr>
        <td align="right">##X110:</td>
        <td align="left"><input type="password" name="password1" maxlength=128 size=16></td>
      </tr>


And I assume the password2 section remains the same, which looked like this.


      <tr>
        <td align="right">##X091</td>
        <td align="left"><input type="password" name="password2" maxlength=128 size=16></td>
      </tr>


Thanks and sorry for all the questions, I'm not a coder (obviously!) which of course is why I have a toaster in the first place. But I can follow directions!


Gary


On 4/5/2018 10:04 AM, Jeff Koch wrote:
Sorry - I left out this piece of code - goes right before the code that says password2. It's been 10 years since we looked at this.

                                <tr>
                                  <td align="right" class="style1">##X110:</td>
                                  <td align="left" class="style1">
                                    <input type="password" name="password1" maxlength=128 size=16 id="pass" _onkeyup_="passwordStrength(this.value)">
                                  </td>
                                </tr>

Jeff

On 4/5/2018 9:55 AM, Jeff Koch wrote:
Hi Gary:

Only affects new passwords entered in mod_user.html. You'll need to add similar _javascript_.to 'add_user.html'. You can do the same in squirrelmail if you can find the correct place to slug in the _javascript_. The code analyzes text entered in the input field  'password' and grays out the submit button until the password meets the test criteria. It's pretty basic code and I'm sure _javascript_ experts could do a lot to improve it and give more clues to the users.

Once of the problems with messing with the templates is that there is no table defining the hash mark codes like ##tt ##tu ##X251. If anyone has a cheat sheet please share.

Jeff

On 4/5/2018 7:42 AM, Gary Bowling wrote:


Thanks Jeff. Just to make sure, if I do that edit it doesn't affect any existing passwords? Only inputting any new passwords or changing any passwords?


Also, I guess a user can still change their password via squirrelmail and bypass these rules? That rarely happens on my server, but just want to make sure I understand.


Thanks, Gary


On 4/4/2018 11:03 PM, Jeff Koch wrote:
You can insert _javascript_ password rules in the html code templates for qmailadmin.

Here's a simple password strength _javascript_ that goes in the top of mod_user.html

<script>

function passwordStrength(password)
{
        var desc = new Array();
        desc[0] = "Very Weak";
        desc[1] = "Weak";
        desc[2] = "Better";
        desc[3] = "Medium";
        desc[4] = "Strong";
        desc[5] = "Strongest";

        var score   = 0;

        //if password bigger than 7 give 1 point
        if (password.length > 7) score++;

        //if password has both lower and uppercase characters give 1 point
        if ( ( password.match(/[a-z]/) ) && ( password.match(/[A-Z]/) ) ) score++;

        //if password has at least one number give 1 point
        if (password.match(/\d+/)) score++;

        //if password has at least one special characther give 1 point
        if ( password.match(/.[!,@,#,$,%,^,&,*,?,_,~,-,(,)]/) ) score++;

        //if password bigger than 12 give another 1 point
        if (password.length > 12) score++;

         document.getElementById("passwordDescription").innerHTML = desc[score];
         document.getElementById("passwordStrength").className = "strength" + score;

         if (score > 2 ) {
           document.getElementById("btnSubmit").disabled = false;
         }else{
           document.getElementById("btnSubmit").disabled = true;
         }

         return score;
}

</script>

then further along in the code we have:

                                  <td align="left" class="style1">
                                    <input type="password" name="password2" maxlength=128 size=16>
                                  </td>
                                </tr>
                      <tr>
                        <td align=right><span class="style1">Password strength:</span></td>
                        <td align="left"><span class="style1"><div id="passwordDescription">Password not entered</div></td>
                      </tr>
                      <tr>
                        <td align=right><span class="style1"></span></td>
                        <td align="left"><span class="style1">
                        <div id="passwordStrength" class="strength0"></div>
                        <br>
                        </td>
                      </tr>
<tr><td colspan=2 align=left>
<span class="style1">Passwords must be at least eight characters and include three of the following four types: upper case letters, lower case letters, numbers and special characters.</span>
</td></tr>



Regards, Jeff








On 4/4/2018 6:51 PM, Gary Bowling wrote:


Last time I checked it was either not possible or not easy to implement password rules one the toaster. But that was a long time ago.


Has anything changed in that regard?

--
____________________
Gary Bowling
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to