Last modified: 2007-05-08 00:33:02 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T11834, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 9834 - Password strength judgment upon logon, then password change


Summary:	Password strength judgment upon logon, then password change

Status:	RESOLVED DUPLICATE of bug 3348

Product:	MediaWiki
Classification:	Unclassified
Component:	User login and signup (Other open bugs)
Version:	unspecified
Hardware:	PC Windows XP

Importance:	Normal normal (vote)
Target Milestone:	---
Assigned To:	Nobody - You can work on this!

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2007-05-08 00:29 UTC by Ral315
Modified:	2007-05-08 00:33 UTC (History)
CC List:	0 users

See Also:
Web browser:	---
Mobile Platform:	---
Assignee Huggle Beta Tester:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Ral315 2007-05-08 00:29:11 UTC

MediaWiki should, upon first logon, grab an existing user's password, and give
it some sort of rating based on password strength (vulnerability to dictionary
attacks, lowercase, uppercase, numbers, special characters, etc.)  If an
administrator has a low password rating, it should give them a stern warning
that they should change their password immediately.

At the change password screen in "my preferences", a password meter, similar to
Gmail's (visit gmail.com, click "Sign up for Gmail", and type a password into
the form) should trigger, forcing a minimum password length, and showing a user
their password strength.

This meter would also show up upon the creation of a new account.

Ideally, this option, and things like minimum password length, rating at which
an admin is warned that their password is weak, etc., would be site-configurable
via the config file.

Comment 1 Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-05-08 00:33:02 UTC


*** This bug has been marked as a duplicate of 3348 ***

Wikimedia Bugzilla is closed!

Search

Personal tools

Navigation

Links