Last modified: 2010-05-15 15:38:04 UTC
The function that generates the password for 'Mail me a new password' statically
generates a password with seven characters and ignores the value set in
Created attachment 1098 [details]
Fixes Bug 4071
The patch removes the digit. Is that wise? (It might be better to change it randomize
which chars are which).
Created attachment 1104 [details]
modified function to have generated passwords contain 1 digit at random position
Will the user be unable to log in with the new password if it's below the limit?
If so this is a blocker.
Yes, login with a password shorter than $wgMinimalPasswordLength is not possible.
(changed the severity to blocker)
Applied on HEAD and REL1_5. Will be in 1.5.3.