[Koha-bugs] [Bug 21314] Koha enforces three (3) character password length even if RequireStrongPassword is disabled

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Sun Sep 16 20:03:37 CEST 2018


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21314

--- Comment #14 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
(In reply to Marcel de Rooy from comment #10)
> +    if ( C4::Context->preference('RequireStrongPassword') ) {
> +        $minPasswordLength = 3 if $minPasswordLength < 3;
> +    }
> 
> How strong is that? LOL
> Imo we should enforce at least 8 chars or so, and educate users that
> security has a price.

See bug 18308.

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list