https://bugzilla.wikimedia.org/show_bug.cgi?id=25925
--- Comment #28 from Matthew Flaschen <[email protected]> --- (In reply to comment #25) > One proposal I'll make is to remove the check that the password meets the > minimum length on login, and enforce it on account creation and password > change. That (I think, although I haven't traced all the code) would let us > raise it for new accounts without locking out the old ones. > > Daniel and Tyler were working on a password backend rework last summer, that > I'm really sorry I missed pushing internally. Both, iirc, prompted for a > password change on login if the user's group membership required more > complexity, which is the right way to go in the long run, imo. I think together these are a reasonable middle ground. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
