Password length #965

Closed
lgg opened this Issue Jan 10, 2017 · 5 comments

Projects

None yet

2 participants

@lgg
lgg commented Jan 10, 2017

In admin panel pass length is restricted by 50 symbols.

  1. The warning message tells nothing about max length

Password. Minimum 6 characters and white space not allowed

no info about max length!!!

Code: https://github.com/RestyaPlatform/board/blob/master/client/js/templates/users_register.jst.ejs#L16 and
https://github.com/RestyaPlatform/board/blob/master/client/js/templates/admin_user_add.jst.ejs#L16

  1. Also, why we need to restrict password length? For example, i use KeePass with default 64-symbol length password generation.
@lmarikannan
Contributor

@lgg Information issue fixed in this commit 3691782.

Also regarding password length 50 character is large enough and a normal user cannot able to remember more than that length.

@lgg
lgg commented Jan 12, 2017
  1. It still not fixed in admin panel:
    https://github.com/RestyaPlatform/board/blob/master/client/js/templates/admin_user_add.jst.ejs#L16

  2. Okay, most of users are okay with 50 symbols password length, but why? Why we can't increase it to 64,128,256,infinity? Any performance reasons? Special requirements of PostgreSQL?

@lgg lgg added a commit to lgg/board that referenced this issue Jan 12, 2017
@lgg lgg fix #965 part 1 fba9eb6
@lmarikannan
Contributor

@lgg

It still not fixed in admin panel:
https://github.com/RestyaPlatform/board/blob/master/client/js/templates/admin_user_add.jst.ejs#L16

We have fixed this in dev branch and we will merge it in master branch while release next version.

Okay, most of users are okay with 50 symbols password length, but why? Why we can't increase it to 64,128,256,infinity? Any performance reasons? Special requirements of PostgreSQL?

No such special requirements in PostgreSQL. You can increase it to any length.

@lgg
lgg commented Jan 13, 2017

@lmarikannan so if there are no special requirements - why we need maximum length restriction?

@lgg
lgg commented Jan 18, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment