[Koha-bugs] [Bug 21314] Koha enforces three (3) character password length even if RequireStrongPassword is disabled
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Sep 5 16:34:56 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21314
--- Comment #11 from Kyle M Hall <kyle at bywatersolutions.com> ---
(In reply to Marcel de Rooy from comment #10)
> + if ( C4::Context->preference('RequireStrongPassword') ) {
> + $minPasswordLength = 3 if $minPasswordLength < 3;
> + }
>
> How strong is that? LOL
> Imo we should enforce at least 8 chars or so, and educate users that
> security has a price.
Agreed, but that's another bug report ;)
IMO we should have a syspref where we can add a custom or canned regex to
define password difficulty. But again, that's quite out of scope here.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list