Foswiki on GitHub is open for business! Next release meeting: Monday September 29, 1300Z

Item2556: Increase default {MinPasswordLength} to 7 characters

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Enhancement Closed Engine    
The minimum password length out of the box on trunk and release branches at the moment is 1 character.

Are there any objections to increasing the default? 6 characters maybe?

-- PaulHarvey - 02 Jan 2010

No objections.

-- GilmarSantosJr - 02 Jan 2010

I had some trouble choosing a number.

I chose 7 characters because that's what Microsoft chose for their Server2003 product.

If users dislike this then they can change it in their configure settings (at least they're actively lowering it, instead of the previous situation which was that admins may not have realised the default minimum is only 1 char).

-- PaulHarvey - 05 Jan 2010

IMHO, 6 would be a nice default, as it is the default for many applications (at least the great majority of the ones I use).

-- GilmarSantosJr - 07 Jan 2010

Do you have an example application to study? Eg. gmail is 8 characters, I'm pretty sure Yahoo is too.

We could always make it 15 chars and promote passphrases instead! smile

-- PaulHarvey - 07 Jan 2010

I like the 7 char proposal (if users realize that they can't use the 6 char pwd they use for other apps, this may be a good thing; OTOH, they can always shout at the admins to lower the default to 6 or so like Gilmar suggested). smile

Of course, we could raise the default even more (the-wiki-engine-with-the-longest-default-password-length-are-us?), but I guess in most organizations this will be handled by means of integrated solutions (LDAP or other) anyway to provide a single-sign-on solution. Six chars should be the absolute minimum, though.

-- MarkusUeberall - 07 Jan 2010

If GMail is 8 and microsoft uses 7, then I'm outdated... anyway I encorage users to use at least 8 wink

-- GilmarSantosJr - 07 Jan 2010

I think 7 is a fine choice.

-- KennethLavrsen - 09 Jan 2010

ItemTemplate edit

Summary Increase default {MinPasswordLength} to 7 characters
ReportedBy PaulHarvey
Codebase 1.0.8, trunk
SVN Range
AppliesTo Engine
Component
Priority Enhancement
CurrentState Closed
WaitingFor
Checkins Foswikirev:5931
TargetRelease patch
ReleasedIn 1.0.9, 1.1.0
Topic revision: r12 - 17 Jan 2010, PaulHarvey
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License