Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-17510

The reset password functionalitiy is not affected by password strength rules

    Details

    • Type: Bug
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 11.10.5
    • Fix Version/s: None
    • Component/s: Administration, User
    • Labels:
      None
    • Difficulty:
      Unknown
    • Similar issues:

      Description

      Steps to reproduce :

      • Start a fresh wiki
      • Create a new user, let's call it "Bob"
      • Update the section "Users & Rights > Registration" of the administration, so that passwords require at least 12 characters
      • Bob lost his password, use the "Reset password" functionality to get an email with a reset password link
      • Clicking on the link, you can update Bob's password, but here you can put a weak password, something like "Yolololo", which is not 12 chars long.

        Attachments

          Activity

            People

            • Assignee:
              surli Simon Urli
              Reporter:
              caubin Clément Aubin
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: