[sork] string length

Erik Slooff erik@slooff.com
Tue, 2 Jul 2002 07:29:46 +0200


Hi,

(trying to avoid the word password in the subject: this apparantly confuses the 
list manager...)

I was wondering if it's a good idea to have 2 variables defined per server in 
passwd/config/conf.php for password string length control. Eg. 
min_password_length and max_password_length added to the $conf['server']
['......'] arrays.

Reason I'm suggesting this is that I got a 500 error from poppassd in horde and 
also saw some syslog errors from PAM which at first I couldn't understand. 
After some digging I found out that in /etc/login.defs max password length was 
set to 8 chars and the new password string I had entered was longer.

To prevent this you could show a message in the password change screen 
informing the user what the min and max length of the password string should be 
(and maybe even adjust the field length in the form?).

using the following versions
Horde: 2.1.1-cvs 
IMP: 3.1.1-cvs
Turba: 1.1.1-cvs 
Nic: 0.0.2-cvs 
Passwd: 2.0 

Just my 2 cts,

Bye

Erik