Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 3.0.8-RC1
Affects Version/s: 3.0.RC3
Component/s: User Control Panel (UCP)
Labels:
None
Environment:
PHP Environment: 5.2.3
Database: MySQL 4.1.22

phpBB Import Key:
http://www.phpbb.com/bugs/all/ticket.php?ticket_id=13181

if you are requesting a new password by sendpassword the generated password dose not follow the password complexity and password length from the ACP. It is all the time 8 Characters long and only includes Numbers and capitals. At no time the system buts in Symbols. So by sending password you can escape from the security right lines!

is related to

PHPBB-9611 Increase entropy in activation keys

Unverified Fix

PHPBB-9612 Split gen_rand_string() into gen_rand_string() and gen_rand_string_friendly()

Unverified Fix

Assignee:: Andreas Fischer [X] (Inactive)

Reporter:: lateiner

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 09/Jul/07 9:52 PM

Updated:: 23/Jul/10 1:46 PM

Resolved:: 07/Feb/10 12:27 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates