specify password complexity rules

Locked
euro22
Joomla! Apprentice
Joomla! Apprentice
Posts: 21
Joined: Sun Jul 16, 2006 4:53 pm

specify password complexity rules

Post by euro22 » Mon Aug 14, 2006 12:12 pm

It should be possible to specify password complexity rules, e.g. use at least 6 characters, 2 numbers and 1 special character?

LudoA
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Thu Jul 27, 2006 2:35 pm

Re: specify password complexity rules

Post by LudoA » Wed Aug 16, 2006 1:29 pm

Yes that'd be a useful feature IMHO.

RAGEDBULL
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 164
Joined: Wed Jun 21, 2006 2:50 am

Re: specify password complexity rules

Post by RAGEDBULL » Wed Sep 06, 2006 7:42 pm

Please see root/components/com_registration/ directory. You could add in any rules you want and have the verified either by javscript in the front end or by PHP in the backend.

For example look at the function on line 74:

Code: Select all

function submitbutton_reg() {
			var form = document.mosForm;
			var r = new RegExp("[\<|\>|\"|\'|\%|\;|\(|\)|\&|\+|\-]", "i");

			// do field validation
			if (form.name.value == "") {
				alert( "<?php echo html_entity_decode(_REGWARN_NAME);?>" );
			} else if (form.username.value == "") {
				alert( "<?php echo html_entity_decode(_REGWARN_UNAME);?>" );
			} else if (r.exec(form.username.value) || form.username.value.length < 3) {
				alert( "<?php printf( html_entity_decode(_VALID_AZ09_USER), html_entity_decode(_PROMPT_UNAME), 2 );?>" );
			} else if (form.email.value == "") {
				alert( "<?php echo html_entity_decode(_REGWARN_MAIL);?>" );
			} else if (form.password.value.length < 6) {
				alert( "<?php echo html_entity_decode(_REGWARN_PASS);?>" );
			} else if (form.password2.value == "") {
				alert( "<?php echo html_entity_decode(_REGWARN_VPASS1);?>" );
			} else if ((form.password.value != "") && (form.password.value != form.password2.value)){
				alert( "<?php echo html_entity_decode(_REGWARN_VPASS2);?>" );
			} else if (r.exec(form.password.value)) {
				alert( "<?php printf( html_entity_decode(_VALID_AZ09), html_entity_decode(_REGISTER_PASS), 6 );?>" );
			} else {
				form.submit();
			}
		}


User avatar
eyezberg
Joomla! Hero
Joomla! Hero
Posts: 2860
Joined: Thu Aug 25, 2005 5:48 pm
Location: Geneva mostly
Contact:

Re: specify password complexity rules

Post by eyezberg » Wed Sep 06, 2006 8:30 pm

This should be handled while reworking / thinking the complete sign-up / login proces::

1. checkbox "i agree to terms and conditions" to comply with some countries laws (can be turned on/off in config)
2. possibility to delete my own account!
3. admin config for: password length etc (as req. here)
4. use mail-only to renew password (as mails are unique anyway)
5. set min. number of days, after which accounts get disabled if no login to site
6... ad yours here ;)
Sometimes one pays most for the things one gets for nothing.
The important thing is not to stop questioning. Curiosity has its own reason for existing. AE
http://joomla15.[URL banned].com for J! 1.5 screenshots
http://www.eyezberg.com

User avatar
Hackwar
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 3788
Joined: Fri Sep 16, 2005 8:41 pm
Location: NRW - Germany
Contact:

Re: specify password complexity rules

Post by Hackwar » Wed Sep 06, 2006 8:40 pm

this could nicely be done by plugins. This would keep the registration component as simple as now, but allows for nice additions. I would say this is something for Joomla 2.0
god doesn't play dice with the universe. not after that drunken night with the devil where he lost classical mechanics in a game of craps.

Since the creation of the Internet, the Earth's rotation has been fueled, primarily, by the collective spinning of English teachers in their graves.

User avatar
eyezberg
Joomla! Hero
Joomla! Hero
Posts: 2860
Joined: Thu Aug 25, 2005 5:48 pm
Location: Geneva mostly
Contact:

Re: specify password complexity rules

Post by eyezberg » Wed Sep 06, 2006 8:47 pm

Maybe, but I wonder why legal considerations (obligations!) are not dealt with more speedily?
Such options should really be built-in, even if not relevant to all countries. A German user needs to first find the unregister component to make a legal site now. In Italy apparently the T&C are requiered by law. In the UK, your site has to be accessible else it's illegal and you can be sued.
I am fully aware of the many different countries and related laws, but Core includes dev's from many of them, and all international communities can be asked to provide feedback about legal requierements; once integrated, J! could be ok in all countries out of the box.
Plugins sounds nice, as they could be included in unpublished state, and each then publishes his/her own ;)
Sometimes one pays most for the things one gets for nothing.
The important thing is not to stop questioning. Curiosity has its own reason for existing. AE
http://joomla15.[URL banned].com for J! 1.5 screenshots
http://www.eyezberg.com


Locked

Return to “Wishlist Archives - Archived”