Recent Topics
  1. b2evolution CMS Support Forums
  2. b2evolution Development
  3. A look into the future
  4. Feature requests and Feedback
  5. small Issue - Password length

small Issue - Password length

1 Sep 28, 2005 01:09    

Fellows,

Just a minor issue to consider:

I know that probably you guys are limiting the size of the password cos I am guessing you want to avoid long words that encrypted result in even longer words, longer perhaps than 255 chars, which must be the type of the field in the database where the password is stored.

I am fine with that, altough I use very long passwords. But, here comes the but...

You let people set their passwords to be longer than 20 characters, but you avoid them to enter theirs in the password input field at the login screen cos you use the maxlength ="20" there.

Either we remove the maxlength, cos you cannot login if you have set the password in the admin area to be longer than that, or we restrict that in the admin as well when users set their passwords, or we go to the extremes and we put the field using a text type and we forget about the restrictions.

Anyway, I love your product. Keep it up!

Greetings!

Clauz

Back to top

2 Sep 28, 2005 03:49

AFAIK, passwords are MD5 encoded, so whatever is the initial password length, the finally saved encoded password has the exact length of 32 characters.

I wonder how many people use such a long passwords like you tried to do... ;) But you're right, there is no need for such limitation.

Back to top

3 Sep 28, 2005 19:43

Hello there,

I was not aware of that detail of the length of the encription...thanks for letting me know :)

Anyway, I tend to use very long and complicated passwords...I am such a paranoid :crazy:

Thanks for the tip and greetings,

Clauz

Back to top

4 Sep 28, 2005 20:13

At the very least, the register page and the profile tweaking pages should say "your password must be between X and Y characters in length".

Back to top


Form is loading...