User Password Validation Bug: Says unaccepted password okay before entering

Bug
1

Folks, my net admin is reporting a password bug he was able to repeat with a few patterns. I can’t send the original. I did get another password that duplicates the bug:

Password00!

The user password change UI says it will accept it (all red circles become white) but if you enter it it won’t be accepted. If there is an issue with the password that’s fine, but it should at least give a reason it can’t accept it. This can become confusing to users.

It would be cool if we could customize the password validation with an exposed regex option too, I’ll put that feature request in the Feature topic. But this bug/quirk would be nice to fix. Confused my net admin.

2

Cracklib says it’s based on a dictionary word.
I think it’s hard to capture cracklib warnings in the UI.

1 Like
3

My net admin tried a password with the word “grape” and it appeared to work. In any event, it’s confusing to users. I’ll try researching this cracklib warning issue and see if any ideas come to mind. Would be great to find a fix for this.

BTW: Grape2001! passes the password tests. :smiley:

3 Likes