https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21314 Benjamin Daeuber <bdaeuber@cityoffargo.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bdaeuber@cityoffargo.com --- Comment #13 from Benjamin Daeuber <bdaeuber@cityoffargo.com> --- (In reply to Marcel de Rooy from comment #10)
+ if ( C4::Context->preference('RequireStrongPassword') ) { + $minPasswordLength = 3 if $minPasswordLength < 3; + }
How strong is that? LOL Imo we should enforce at least 8 chars or so, and educate users that security has a price.
As the library in question, I have to say that I agree with you personally, but professionally I believe this would be a barrier to service. We serve a broad range from the very young to very old to customers with severe learning disabilities. Education is simply not always an option. Users have to use their password to access public computers (as well as a variety of other services) and the true outcome here is that we would spend our time resetting passwords all day long. Last names are easy to remember and secure enough to prevent abuse when cards are lost (which a default password would not be). -- You are receiving this mail because: You are watching all bug changes.