https://bugzilla.wikimedia.org/show_bug.cgi?id=44788
--- Comment #6 from Tyler Romeo <[email protected]> --- (In reply to comment #5) > (In reply to comment #4) > > I would either make a new extension specifically for password strength or > > wait > > for Daniel's password hashing API to be merged and then for this extension > > to > > be changed to use that API. > > The new password system has nothing to do with the front end of passwords > (except for adding a new error message to distinguish "The password you > entered > is invalid" from "The hash attached to this user is corrupt. > > Changing the way password strength requirements work can be done without > waiting for the password hashing system. The conditionals don't belong inside > the classes handling storage format. There should be no conflicts > implementing > password restrictions in the proper places. I agree completely. That's why I was saying not to use this extension, because it mixes both front end and back end, and if deployed, would make using the new back end system impossible since it returns false on a hook. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
