Implement password strength policy for AMO admin users

RESOLVED FIXED in 6.1.0

Status

P3
normal
RESOLVED FIXED
8 years ago
3 years ago

People

(Reporter: clyon, Assigned: andy+bugzilla)

Tracking

(Blocks: 1 bug)

unspecified
6.1.0

Details

(Reporter)

Description

8 years ago
This bug is different than bug #531868 where we are forcing admins/editors/reviews or users with higher privileges to have a stronger password.

1) Require minimum password length of 8 characters
2) Passwords must require letters and numbers 
3) Show password strength meter on account creation and account edit pages.
(Assignee)

Updated

7 years ago
Assignee: nobody → amckay
Severity: critical → normal
Target Milestone: --- → 6.1.0
(Assignee)

Comment 1

7 years ago
On account creation, we won't know the level of privileges that the user has, so it would just be on account edit pages, which a user might not visit.
That's all we can do for now (and for this bug).  If people have great ideas for enhancements please file new bugs.
(Assignee)

Comment 3

7 years ago
https://github.com/jbalogh/zamboni/commit/f168a17b29a5a22a2850c67a40638bbd0f8f2f6b
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
(Assignee)

Comment 4

7 years ago
Validation is triggering on any save of the edit profile page.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(Assignee)

Comment 5

7 years ago
https://github.com/jbalogh/zamboni/commit/e8dc2b0312b50f62ef98991336d34e69b01b4493
Status: REOPENED → RESOLVED
Last Resolved: 7 years ago7 years ago
Resolution: --- → FIXED

Comment 6

7 years ago
I was able to reset my password to just be words. This is for my admin account.

STR:
1. Request to reset your password
2. Set your new password to something like 'dandelion'
3. Save changes

expected behavior:
Admin accounts need password with letters and numbers 

actual behavior:
Password without numerals is saved.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(Assignee)

Comment 7

7 years ago
https://github.com/jbalogh/zamboni/commit/c8a8bcd05143260cab0cdb253efe887d8a65fd3c
Status: REOPENED → RESOLVED
Last Resolved: 7 years ago7 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.