Issue #702 has been updated by Clément OUDOT.
Enrico Cavalli wrote: > Yes, but what puzzles me is (using your example conf) > > ABa!XXXXXXX > > scores > > - AB --> 1 point (since minUpper = 2) > - a ---->1 point (even if there are no minimum requirements on lower case > letters) > - ! -----> 1 point (event if no minimum requirements) > > so minDigit 1 is not enforced > > Am I wrong? Yes password quality gets a point for each class of character found (lower, upper, digit, punctuation). This is independent of minLower, etc. In your example: ABa!XXXXXXX scores - A --> 1 point (an upper letter was found) - B --> 0 point (we already had that class of character) - a --> 1 point (a lower letter was found) - ! --> 1 point (a punctuation was found) Then, password checker will also verify other conditions: - AB --> ok, minUpper is verified - no digit -> ko, minDigit is not verified ---------------------------------------- Bug #702: check_password.c not clear about minimum characters http://tools.lsc-project.org/issues/702 Author: Enrico Cavalli Status: New Priority: Normal Assigned to: Category: OpenLDAP check password Target version: At least for me, the check_password module is not very clear about minimum characters requested per class. For instance minLower=0 or minLower=1 has the same effect (so the first occurrence of a lower case character scores +1 quality point). How about changing the code like this? if ( minLower && islower(pPasswd[i]) ) This way a minLower=0 means that lower case letters do not contribute to complexity, independently of their quantity.... The same of course for uppercase, numbers, and punctuation. This is just a suggestion which comes from my understanding of the inner working of the module. It may be just a very stupid idea! Thank you anyway, Enrico. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
