Last modified: 2007-05-08 00:33:02 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 9834 - Password strength judgment upon logon, then password change
Password strength judgment upon logon, then password change
Status: RESOLVED DUPLICATE of bug 3348
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
PC Windows XP
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
  Show dependency treegraph
Reported: 2007-05-08 00:29 UTC by Ral315
Modified: 2007-05-08 00:33 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Ral315 2007-05-08 00:29:11 UTC
MediaWiki should, upon first logon, grab an existing user's password, and give
it some sort of rating based on password strength (vulnerability to dictionary
attacks, lowercase, uppercase, numbers, special characters, etc.)  If an
administrator has a low password rating, it should give them a stern warning
that they should change their password immediately.

At the change password screen in "my preferences", a password meter, similar to
Gmail's (visit, click "Sign up for Gmail", and type a password into
the form) should trigger, forcing a minimum password length, and showing a user
their password strength.

This meter would also show up upon the creation of a new account.

Ideally, this option, and things like minimum password length, rating at which
an admin is warned that their password is weak, etc., would be site-configurable
via the config file.
Comment 1 Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-05-08 00:33:02 UTC

*** This bug has been marked as a duplicate of 3348 ***

Note You need to log in before you can comment on or make changes to this bug.