FS#77549 - bugs.archlinux.org Registration: Maximum password length unknown but oversized passwords accepted
Attached to Project:
Arch Linux
Opened by Christian Buhtz (buhtz) - Friday, 17 February 2023, 06:56 GMT
Last edited by Toolybird (Toolybird) - Monday, 20 February 2023, 04:23 GMT
Opened by Christian Buhtz (buhtz) - Friday, 17 February 2023, 06:56 GMT
Last edited by Toolybird (Toolybird) - Monday, 20 February 2023, 04:23 GMT
|
Details
Hello,
I just registered an account on bugs.archlinux.org. The problem with the bugtracker frontend while the registration process is 1. It accepts oversized (to long) passwords without reporting this as an error. 2. The registration process doesn't inform about the maximum accepted length of a password. It just reports the minimum with 5. The latter is IMHO to minimum by the way. Excepted behavior: Mention all existing password restrictions including maximum password length in the registration form. Do give an error if the password is to long. Don't just set the maximum chars field of the HTML forms field. This would result in the behavior that the string a user put in there is cutted without informing the user. |
This task depends upon
Closed by Toolybird (Toolybird)
Monday, 20 February 2023, 04:23 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#39816
Monday, 20 February 2023, 04:23 GMT
Reason for closing: Duplicate
Additional comments about closing:
FS#72896for example "flyspray is sadly unmaintained so nothing we can fix."I think the long term plan is to migrate bug reporting to Arch's GitLab instance. (as an aside: I personally think that will place too high a barrier to entry, with SSO requirements etc. I know of no other open source project with such requirements just to report a bug).
Despite its warts, flyspray still does a reasonable job.
This password length issue has come up before in
FS#39816. But unfortunately I don't think we can fix it.