And how forcing whole forum to follow could be a good thing? Chances that password will be brute forced are close to 0, chances that it will be stolen from document that user had to create on desktop because admin wanted to force his habits on others or someone found a paper user wrote password on are much higher.kjtocool wrote:Because unique fields forces the user to enter a phrase, one field simply allows it. With one field, you can't force an entire forum to follow.
Support Multi-Word Passwords
Re: Support Multi-Word Passwords
Formerly known as CyberAlien.
Free phpBB styles | Premium responsive XenForo styles | Iconify - modern open source replacement for glyph fonts
Free phpBB styles | Premium responsive XenForo styles | Iconify - modern open source replacement for glyph fonts
Re: Support Multi-Word Passwords
Something established like http://php.net/manual/en/book.crack.php is probably better than trying to figure out what a "strong" password is.
Not all boards need military-grade security. Unless an administrator configures password strength requirements (and I believe this is already possible to some extent), users should have the ability to use single-digit passwords if that is what they fancy.
Not all boards need military-grade security. Unless an administrator configures password strength requirements (and I believe this is already possible to some extent), users should have the ability to use single-digit passwords if that is what they fancy.
- bantu
- 3.0 Release Manager
- Posts: 557
- Joined: Thu Sep 07, 2006 11:22 am
- Location: Karlsruhe, Germany
- Contact:
Re: Support Multi-Word Passwords
I agree. There is no need for multiple password fields because you can do the same thing with a single field. Password length and complexity settings already allow you to configure how complex a password has to be.
I'd rather take patches for adding another complexity option "has to be a whole passphrase" or something like that.
Also, "multi-word passwords" are already supported, so your topic title is a bit incorrect.
I'd rather take patches for adding another complexity option "has to be a whole passphrase" or something like that.
Also, "multi-word passwords" are already supported, so your topic title is a bit incorrect.