Go to main content

Navigation menu

Textpattern CMS support forum

You are not logged in. Register | Login | Help

  1. Index
  2. » How do I…?
  3. » Password complexity & user creation

Pages: 1

#1 2025-01-25 17:43:01

albatros69
Member
Registered: 2021-06-17
Posts: 25

Password complexity & user creation

Dear all,

Is there any mean to enforce a minimum complexity for user passwords? Maybe some plugin or hidden feature?
I’m also wondering if there is a mean to delegate the user creation to someone, without giving him/her the admin rights.
Regards,

Offline

#2 2025-01-25 17:52:47

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,642
Website GitHub

Re: Password complexity & user creation

Complexity: no. We had a meter in an earlier version but removed it. Passwords that enforce a minimum number of symbols and numbers and whatnot are not only more difficult to remember and more difficult to type on virtual keyboards, but also no more secure than four random words.

User creation is restricted to Publisher level accounts. But if you install a plugin like smd_user_manager, you can create new user tiers and assign custom permissions. So you could tweak the managing editor role to include user creation. Or create a dedicated user group just for general admin purposes.

Hope that helps.

The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#3 2025-01-26 03:00:34

bici
Member
From: vancouver
Registered: 2004-02-24
Posts: 2,111
Website Mastodon

Re: Password complexity & user creation

Bloke wrote #338903:

Complexity: no. We had a meter in an earlier version but removed it. Passwords that enforce a minimum number of symbols and numbers and whatnot are not only more difficult to remember and more difficult to type on virtual keyboards, but also no more secure than four random words.

been using three random words as a string for 30 years. On at least 10 websites and email accounts. no problems. One string has not changed ONCE in 30 years in spite of warnings that it was hacked. piffle!

…. texted postive

Offline

#4 2025-01-29 20:01:49

albatros69
Member
Registered: 2021-06-17
Posts: 25

Re: Password complexity & user creation

Hi all,

I agree with you all: that might not be a perfect solution. But at least, it would be great to ensure the password is of sufficient length.

Last edited by albatros69 (2025-01-29 20:02:07)

Offline

#5 2025-01-29 22:38:46

skewray
Member
From: Sunny Southern California
Registered: 2013-04-25
Posts: 216
Website

Re: Password complexity & user creation

I’ve always wanted to write a password creation tool that rejects everything. No matter what you have for your current password suggestion, it finds something objectionable.

Last edited by skewray (2025-01-30 04:17:22)

Offline

#6 2025-01-30 02:54:08

bici
Member
From: vancouver
Registered: 2004-02-24
Posts: 2,111
Website Mastodon

Re: Password complexity & user creation

skewray wrote #338963:

I’ve always wanted to write a password creation tool that rejects everything. No matter what you have for your current password suggestion, if finds something objectionable.

Have you enlisted the help of my wife?

…. texted postive

Offline

Pages: 1

  1. Index
  2. » How do I…?
  3. » Password complexity & user creation

Board footer

Powered by FluxBB