https://bugzilla.wikimedia.org/show_bug.cgi?id=25925
--- Comment #30 from Daniel Friesen <[email protected]> ---

(In reply to comment #25)
> Daniel and Tyler were working on a password backend rework last summer, that
> I'm really sorry I missed pushing internally. Both, iirc, prompted for a
> password change on login if the user's group membership required more
> complexity, which is the right way to go in the long run, imo.

Actually there was no password change in that project. The goal wasn't to change the actual password but make it so that password hashes were upgraded when you login.

e.g.: A user with an :A: type password would login with their password 'password', their password would stay as 'password' but the password hash for their account would be upgraded to say a :C: if that's the latest type the wiki is using. (The new default being PBKDF2-HMAC-SHA256 with a 64 bit salt and 10000 iterations.)

And MZMcBride... you're talking about user convenience. But convenience<->security is always a matter of the right balance. And frankly. The difference in convenience between a user being forced to type 'a' and a user being forced to type 'mypass' or 'password' is so small compared to the security difference (potentially seconds vs. days vs. years) that the level of convenience offered by permitting 'a' as a password is unacceptable.

_______________________________________________
Wikibugs-l mailing list
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
