Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-5164

Honor minimum and maximum password length in generated passwords as much as possible.

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 3.0.RC3
    • 3.0.8-RC1
    • User Control Panel (UCP)
    • None
    • PHP Environment: 5.2.3
      Database: MySQL 4.1.22

    Description

      if you are requesting a new password by sendpassword the generated password dose not follow the password complexity and password length from the ACP. It is all the time 8 Characters long and only includes Numbers and capitals. At no time the system buts in Symbols. So by sending password you can escape from the security right lines!

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. PHPBB3-9611 Increase entropy in activation keys

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Unverified Fix

          Improvement - An improvement or enhancement to an existing feature or task. PHPBB3-9612 Split gen_rand_string() into gen_rand_string() and gen_rand_string_friendly()

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Unverified Fix

          Activity

            People

              bantu Andreas Fischer [X] (Inactive)
              lateiner lateiner
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: