Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Request Tracker: Users

MinPasswordLength Not Working

 

 

Request Tracker users RSS feed   Index | Next | Previous | View Threaded


simmons at ama-inc

Aug 16, 2012, 7:02 AM

Post #1 of 6 (834 views)
Permalink
MinPasswordLength Not Working

Hello,

I am unable to get minimum password length enforcement working on a new 4.0.4 install. I have added:

Set($MinPasswordLength , '10');


simmons at ama-inc

Aug 16, 2012, 7:17 AM

Post #2 of 6 (803 views)
Permalink
Re: MinPasswordLength Not Working [In reply to]

Apologies, my message was sent before I finished it.

I am unable to get minimum password length enforcement working on a new 4.0.4 install. I have added:

Set($MinPasswordLength , '10');

to my RT_SiteConfig.pm, stopped Apache, cleared the mason cache and restarted Apache, however the new settings do not take effect. RT still accepts a 5 character password and if I try a password with less than 5 characters, RT still states the minimum length is still 5.

While searching online, I found this old thread where someone was experiencing the same problem with 3.8.2.
http://old.nabble.com/MinPasswordLength-and-additional-password-rules-td23560536.html

Can someone advise - is this a long-standing bug? Was support for MinPasswordLength removed at some point? I appreciate any input.

Thanks,
Thomas

From: Thomas Simmons
Sent: Thursday, August 16, 2012 10:03 AM
To: 'rt-users [at] lists'
Subject: MinPasswordLength Not Working

Hello,

I am unable to get minimum password length enforcement working on a new 4.0.4 install. I have added:

Set($MinPasswordLength , '10');


falcone at bestpractical

Aug 16, 2012, 10:04 AM

Post #3 of 6 (803 views)
Permalink
Re: MinPasswordLength Not Working [In reply to]

On Thu, Aug 16, 2012 at 02:17:49PM +0000, Thomas Simmons wrote:
> I am unable to get minimum password length enforcement working on a new 4.0.4 install. I have
> added:
>
> Set($MinPasswordLength , '10');
>
> to my RT_SiteConfig.pm, stopped Apache, cleared the mason cache and restarted Apache, however
> the new settings do not take effect. RT still accepts a 5 character password and if I try a
> password with less than 5 characters, RT still states the minimum length is still 5.
>
>
>
> While searching online, I found this old thread where someone was experiencing the same
> problem with 3.8.2.
>
> [1]http://old.nabble.com/MinPasswordLength-and-additional-password-rules-td23560536.html
>
>
>
> Can someone advise - is this a long-standing bug? Was support for MinPasswordLength removed at
> some point? I appreciate any input.

The config option is called MinimumPasswordLength, not
MinPasswordLength. It works fine for me.

-kevin


ptomblin at xcski

Aug 16, 2012, 10:08 AM

Post #4 of 6 (806 views)
Permalink
Re: MinPasswordLength Not Working [In reply to]

On Thu, Aug 16, 2012 at 1:04 PM, Kevin Falcone <falcone [at] bestpractical>wrote:

> The config option is called MinimumPasswordLength, not
> MinPasswordLength. It works fine for me.
>

And just as an aside, if you force your users to use 10 character
passwords, I can *guarantee* that most of them will have them written down
on a post-it note, either right on their screen, or under their desk
drawer. Hackers know this. Heck, even janitors know this.


--
http://www.linkedin.com/in/paultomblin
http://careers.stackoverflow.com/ptomblin


simmons at ama-inc

Aug 16, 2012, 11:08 AM

Post #5 of 6 (796 views)
Permalink
Re: MinPasswordLength Not Working [In reply to]

Thank you, Kevin. That works!

All of the documentation I found stated MinPasswordLength. Do you have the ability to correct this information on the page below? The first one looks like it was last updated by you, but it's "wiki-archive", so I don't know if it can be updated at all?

http://wiki-archive.bestpractical.com/view/SiteConfig/4819

Also here (I don't know if this is "Official RT documentation")

http://requesttracker.wikia.com/wiki/SiteConfig

And there is this random page?

http://requesttracker.wikia.com/wiki/MinPasswordLength

Again, thanks for your help.


-----Original Message-----
From: rt-users-bounces [at] lists [mailto:rt-users-bounces [at] lists] On Behalf Of Kevin Falcone
Sent: Thursday, August 16, 2012 1:05 PM
To: rt-users [at] lists
Subject: Re: [rt-users] MinPasswordLength Not Working

On Thu, Aug 16, 2012 at 02:17:49PM +0000, Thomas Simmons wrote:
> I am unable to get minimum password length enforcement working on a new 4.0.4 install. I have
> added:
>
> Set($MinPasswordLength , '10');
>
> to my RT_SiteConfig.pm, stopped Apache, cleared the mason cache and restarted Apache, however
> the new settings do not take effect. RT still accepts a 5 character password and if I try a
> password with less than 5 characters, RT still states the minimum length is still 5.
>
>
>
> While searching online, I found this old thread where someone was experiencing the same
> problem with 3.8.2.
>
>
> [1]http://old.nabble.com/MinPasswordLength-and-additional-password-rul
> es-td23560536.html
>
>
>
> Can someone advise - is this a long-standing bug? Was support for MinPasswordLength removed at
> some point? I appreciate any input.

The config option is called MinimumPasswordLength, not MinPasswordLength. It works fine for me.

-kevin


falcone at bestpractical

Aug 20, 2012, 7:35 AM

Post #6 of 6 (756 views)
Permalink
Re: MinPasswordLength Not Working [In reply to]

On Thu, Aug 16, 2012 at 06:08:29PM +0000, Thomas Simmons wrote:
> All of the documentation I found stated MinPasswordLength.

The official documentation that ships with RT is
/opt/rt4/etc/RT_Config.pm for config options.

> Do you have the ability to correct this information on the page below?
> The first one looks like it was last updated by you, but it's "wiki-
> archive", so I don't know if it can be updated at all?
>
> http://wiki-archive.bestpractical.com/view/SiteConfig/4819

As you noted, this is old and out of date

> Also here (I don't know if this is "Official RT documentation")
>
> http://requesttracker.wikia.com/wiki/SiteConfig
>
> http://requesttracker.wikia.com/wiki/MinPasswordLength

These can both be updated by anyone since they're wiki pages.
You don't even need to make a wikia account to fix them.

-kevin

>
> -----Original Message-----
> From: rt-users-bounces [at] lists [mailto:rt-users-bounces [at] lists] On Behalf Of Kevin Falcone
> Sent: Thursday, August 16, 2012 1:05 PM
> To: rt-users [at] lists
> Subject: Re: [rt-users] MinPasswordLength Not Working
>
> On Thu, Aug 16, 2012 at 02:17:49PM +0000, Thomas Simmons wrote:
> > I am unable to get minimum password length enforcement working on a new 4.0.4 install. I have
> > added:
> >
> > Set($MinPasswordLength , '10');
> >
> > to my RT_SiteConfig.pm, stopped Apache, cleared the mason cache and restarted Apache, however
> > the new settings do not take effect. RT still accepts a 5 character password and if I try a
> > password with less than 5 characters, RT still states the minimum length is still 5.
> >
> >
> >
> > While searching online, I found this old thread where someone was experiencing the same
> > problem with 3.8.2.
> >
> >
> > [1]http://old.nabble.com/MinPasswordLength-and-additional-password-rul
> > es-td23560536.html
> >
> >
> >
> > Can someone advise - is this a long-standing bug? Was support for MinPasswordLength removed at
> > some point? I appreciate any input.
>
> The config option is called MinimumPasswordLength, not MinPasswordLength. It works fine for me.
>
> -kevin
>

Request Tracker users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.