Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SR] Check "Reject weak passwords" option by default on new installs #5851

Open
jenlampton opened this issue Nov 1, 2022 · 2 comments
Open

[SR] Check "Reject weak passwords" option by default on new installs #5851

jenlampton opened this issue Nov 1, 2022 · 2 comments
Labels
good first issue milestone candidate - bug type - task
Milestone
1.30.1

Comments

@jenlampton
Copy link
Member

jenlampton commented Nov 1, 2022
edited
Loading

We've gotten several reports on hunter.dev about backdrop allowing weak passwords by default. I agree that it would be better to check this box by default, for new installs. For those who prefer to allow weak passwords on local sites for development, they will still have the option to disable it.

I propose we introduce this change as a security hardening.

Related:
@klonos
Copy link
Member

klonos commented Nov 3, 2022
edited
Loading

This makes sense (so long as we make this the default for new installations and don't change existing sites).

@yorkshire-pudding
Copy link
Member

Makes sense to me

@jenlampton jenlampton added this to the 1.30.1 milestone Feb 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue milestone candidate - bug type - task
Projects
None yet
Milestone
1.30.1
Development

No branches or pull requests
3 participants
@jenlampton @klonos @yorkshire-pudding