Loading...

XML

Word

Printable

Type: Improvement
Resolution: Fixed
Priority: Major
Fix Version/s: 3.3.0-b1
Affects Version/s: 3.1.7-pl1, 3.2.0-b1
Component/s: None
Labels:
None

There is no point in having this setting, since there is no point in having a maximum password length.
It will just lower security for users if admins that don't know or don't care about this setting just let them as they are when the board is installed.

The few cases where way too long passwords can cause a DoS are catched with a hardcoded maximum length of 4096 which should be more than enough for everyone.

is related to

PHPBB-11327 Implement reset password functionality via form instead of sending password

Unverified Fix

Assignee:: Marc

Reporter:: Oliver Schramm [X] (Inactive)

Votes:: 4 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 07/Feb/16 12:37 AM

Updated:: 07/Oct/19 5:26 PM

Resolved:: 07/Oct/19 5:26 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates