[Tickets #9130] Invalid characters allowed in new password
bugs at horde.org
bugs at horde.org
Thu Jul 8 15:44:43 UTC 2010
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/9130
------------------------------------------------------------------------------
Ticket | 9130
Created By | Valentin.Vidic at CARNet.hr
Summary | Invalid characters allowed in new password
Queue | Passwd
Version | 3.1
Type | Enhancement
State | New
Priority | 2. Medium
Milestone |
Patch | 1
Owners |
+New Attachment | passwd.diff
------------------------------------------------------------------------------
Valentin.Vidic at CARNet.hr (2010-07-08 11:44) wrote:
Passwd doesn't check if the new password contains characters other
than alpha, num, space and symbol so some of our users ended up with
passwords containing UTF8 characters. Since passwords are often used
in various different applications this is not a good idea. Attached is
a patch that introduces a counter for characters not matched by other
ctype classes. In addition to this password charset has to be taken
into account in order to split into characters correctly.
More information about the bugs
mailing list