Mantis Bug Tracker - Forums


https://mantisbt.org/forums/

Password security verification

https://mantisbt.org/forums/viewtopic.php?t=28752

Page 1 of 1

Password security verification

Posted: 03 Oct 2023, 08:38
by iame
Regarding password security verification, is it possible for us to check password strength?
We want to prevent users from setting weak passwords, such as: !QAZ2wsx (the first two lines of characters on the keyboard)
Thanks.

Re: Password security verification

Posted: 03 Oct 2023, 09:41
by atrol
This funtionality is not available out of the box, see https://www.mantisbt.org/bugs/view.php?id=10318

Re: Password security verification

Posted: 04 Oct 2023, 06:54
by cas
There is a plugin available, https://github.com/ryltar/Password-strength
I have not tesxted this but is may serve your request :mrgreen:

Re: Password security verification

Posted: 11 Oct 2023, 03:44
by iame
iame wrote: 03 Oct 2023, 08:38 Regarding password security verification, is it possible for us to check password strength?
We want to prevent users from setting weak passwords, such as: !QAZ2wsx (the first two lines of characters on the keyboard)
Thanks.
Hi cas
Thank you for your reply. We have used a similar setting to require users to set a more complex password, but some people will always set a simple password, but the password still complies with the rules, for example, the first two rows of the keyboard: !QAZ2wsx



Must contain at least 8 characters
Must contain at least one uppercase letter
Must contain at least one lowercase letter
Must contain at least one number
Must contain at least one special character

Re: Password security verification

Posted: 11 Oct 2023, 04:00
by iame
atrol wrote: 03 Oct 2023, 09:41 This funtionality is not available out of the box, see https://www.mantisbt.org/bugs/view.php?id=10318
Hi atrol
Thank you for your reply. We have used a similar setting to require users to set a more complex password, but some people will always set a simple password, even the password still complies with the rules :( (for example, the first two rows of the keyboard: !QAZ2wsx)
Must contain at least 8 characters
Must contain at least one uppercase letter
Must contain at least one lowercase letter
Must contain at least one number
Must contain at least one special character

Re: Password security verification

Posted: 11 Oct 2023, 06:05
by cas
What you then can try is to extend the existing plugin with checking a table which holds the "weak" passwords.

Re: Password security verification

Posted: 27 Oct 2023, 03:12
by iame
cas wrote: 11 Oct 2023, 06:05 What you then can try is to extend the existing plugin with checking a table which holds the "weak" passwords.

It sounds good, we will study in this direction, thank you for your advice. :D
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited