Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-32241

Enhance password strength calculation to include all character types

    XMLWordPrintable

    Details

    • Type: Feature Request
    • Status: RESOLVED
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 11.2
    • Fix Version/s: 12.0
    • Component/s: Users (Admin User Management)
    • Labels:
      None
    • Test Plan:
      Hide

      Ensure that the user.password.policy=true config is set.
      Go to the users tool from the admin workspace and edit an account for a current user.
      Try typing in passwords, including the following:

      These passwords should give a weak strength:
      qQ1!
      1234567890123456
      有qQ1
      qqqqQQQQ
      françééé

      These passwords should give moderate strength:
      qQ1!5678
      françaisnormé1
      有有有有有有有有mmmmmmmm
      ضQq有1234

      These Passwords should give strong strength:
      wW2"56789012
      qqqqQQQQ1234567890123456
      ضQq有12345678

      Show
      Ensure that the user.password.policy=true config is set. Go to the users tool from the admin workspace and edit an account for a current user. Try typing in passwords, including the following: These passwords should give a weak strength: qQ1! 1234567890123456 有qQ1 qqqqQQQQ françééé These passwords should give moderate strength: qQ1!5678 françaisnormé1 有有有有有有有有mmmmmmmm ضQq有1234 These Passwords should give strong strength: wW2"56789012 qqqqQQQQ1234567890123456 ضQq有12345678

      Description

      Characters such as Chinese or Arabic do not currently increase the strength when calculating whether a password is weak, moderate or strong. Enhance the calculation so that it does.

      The strength checking code is used when changing the password from the Users tool - edit account as well as the Account tool - My account details. It is also used when adding an external user to a site whereby they get an email with a link to a page in the account validator tool.

      Note that this config has to be set in sakai.properties or local.properties for strength checks to take place and be displayed:

      user.password.policy=true

        Gliffy Diagrams

          Zeplin

            Attachments

              Activity

                People

                Assignee:
                rebeccam Rebecca Miller
                Reporter:
                rebeccam Rebecca Miller
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    Git Integration