On Tue, 27 Sept 2022 at 16:48, Jeffrey Walton <noloa...@gmail.com> wrote:
> I was wandering through > https://www.cryptopp.com/wiki/Special:PasswordPolicies , which comes > from Mediawiki 1.38.2. > > The first line for Autoconfirmed Users says: > > Password must be at least 1 character long > (MinimalPasswordLength) (suggest change on login) > > I think there are several problems with the page in general and text > in particular. First, a 1 character password is not really acceptable > in practice. It is probably time to increase the size of a minimum > password, to something like 16. > That is the default for unprivileged users, yes. The default for bots, sysops, interface-admins, and bureaucrats is 10. Obviously each wiki's sysadmins can set it whatever they like. Raising the default to some value above 1 (before MW 1.27 in 2015 the default was 0) is a nice idea, though potentially breaking a few users' set-ups. We raised it to 8 for Wikimedia accounts years ago, so I'll propose this change for MW 1.40. Second, the referenced variable, MinimalPasswordLength, is deprecated. > Or $wgMinimalPasswordLength is deprecated. > https://www.mediawiki.org/wiki/Manual:$wgMinimalPasswordLength > > It might be a good idea for someone to visit the documentation for > Special:PasswordPolicies and maybe update it. > That's not a variable, it's the flag for wgPasswordPolicy. See https://www.mediawiki.org/wiki/Manual:$wgPasswordPolicy for more details. J. -- *James D. Forrester* (he/him <http://pronoun.is/he> or they/themself <http://pronoun.is/they/.../themself>) Wikimedia Foundation <https://wikimediafoundation.org/>
_______________________________________________ MediaWiki-l mailing list -- mediawiki-l@lists.wikimedia.org To unsubscribe send an email to mediawiki-l-le...@lists.wikimedia.org https://lists.wikimedia.org/postorius/lists/mediawiki-l.lists.wikimedia.org/
