You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First validation rule that isn't satisfied returns 1 error
User creates another password, hits "Submit"
Another validation rule might fail and trigger another error
... and so on until all rules are satisfied.
This is quite non-intuitive and lead to multiple complains from our users.
What is the expected result?
A quick and simple process that tells the user exactly which password rules have not been met before hitting "Submit".
What do you get instead?
The form already checks that the 2 password fields are equal before clicking "Submit", the password policy rules should be checked in the same manner and all unsatisfied rules must be reported.
This could be setup in the following way:
Password validation rules are attached to the first password field. They get checked before a password is entered and on every character change so the user is informed about what criteria need to be met before typing and/ or which criteria have already been satisfied by their chosen password.
Additional info
The same mechanism should also be implemented into the change password functionality under 'Administration' -> 'Users'.
Q
A
HumHub version
1.15.3
PHP version
Operating system
The text was updated successfully, but these errors were encountered:
What steps will reproduce the problem?
When configuring a password policy with multiple rules as described in https://docs.humhub.org/docs/admin/security/#password-strength-configuration
the behaviour is very confusing for users because the rules are only checked one-by-one when submitting the form.
This leads to:
... and so on until all rules are satisfied.
This is quite non-intuitive and lead to multiple complains from our users.
What is the expected result?
A quick and simple process that tells the user exactly which password rules have not been met before hitting "Submit".
What do you get instead?
The form already checks that the 2 password fields are equal before clicking "Submit", the password policy rules should be checked in the same manner and all unsatisfied rules must be reported.
This could be setup in the following way:
Password validation rules are attached to the first password field. They get checked before a password is entered and on every character change so the user is informed about what criteria need to be met before typing and/ or which criteria have already been satisfied by their chosen password.
Additional info
The same mechanism should also be implemented into the change password functionality under 'Administration' -> 'Users'.
The text was updated successfully, but these errors were encountered: