[Koha-bugs] [Bug 18308] Default value of minPasswordLength should be increased

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Mon Apr 15 00:23:04 CEST 2019


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18308

Hayley Mapley <hayleymapley at catalyst.net.nz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #87959|0                           |1
        is obsolete|                            |
  Attachment #87960|0                           |1
        is obsolete|                            |

--- Comment #42 from Hayley Mapley <hayleymapley at catalyst.net.nz> ---
Created attachment 87961
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=87961&action=edit
Bug 18308: Added step to onboarding tool to set minPasswordLength

This patch increases the default minPasswordLength syspref value to 8
characters, for new installations.

The final (6th step) of the onboarding tool is now a password length
page where the default value of 8 can be altered. There is a security warning
in red recommending to the user they
keep the minimum length of the password at 8 characters or more.

This patch also removes the atomicupdate .sql file to be run in an update to
alter the default
minPasswordLength value for existing Koha installations, based on tester
feedback.

Test plan:
1. Create a patron with a password less than 3 characters in length and
notice that a red message is displayed by the input telling you that the
password must be 3 characters minimum length

2. Query the database "select value from systempreferences where
variable="minPasswordLength"; and notice the value is 3

3. Drop and recreate your database and restart memcached

4. Go through the web installer and onboarding tool. Noticing the last
step of the onboarding tool is to create a circulation rule

5. Apply patch

6. Repeat step 3

7. Go through the web installer and onboarding tool. Noticing the last
step of the onboarding tool is to set the minimum password length, the
numerical input element has a default value of 8 and notice that it will
go below 3

8. Repeat step 2 and notice the value is 8

9. In the onboarding tool change the minimum password length value to 7
and submit the form

10. Notice the completed page of the onboarding tool is displayed with
the message that the minimum password length has been set.

11. Repeat step 2 and notice the value is now 7.

12. Try to create a patron in Intranet and OPAC with a password less
than 7 characters and notice that a red message is displayed by the
input telling you that the password must be 7 characters minimum length

Sponsored-By: Catalyst IT

Signed-off-by: David Bourgault <david.bourgault at inlibro.com>

https://bugs.koha-community.org/show_bug.cgi?id=6473

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list