[Bug 821727] Re: Remove "strong" password requirements
OK, the existing validation code is less strict (@joey *except* for canonical employees who have stricter requirements). Essentially: Validation is successful if: - password contains at least 8 characters - password contains only ascii characters This has been the case since 2012-12-19, it's just that the report had remained open since then. I don't think requiring at least 8 chars is unreasonable, and that's currently the only "attempt" to force the password to contain more information". I think this solves the initial request so I'll close this report. ** Changed in: canonical-identity-provider Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
Howdy, please note that this bug's request cannot be applied to ~canonical and Canonical employees. Should there be a question about this, please contact me directly. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
Have to agree with @Stuart - I actually did not create an account because of the password requirements. If it get's resolved I'll switch over to using ubuntu one. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
** Tags removed: buy-software ** Tags added: buying-software -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
** Tags added: buy-software -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
I couldn't register with my 27 character password, which contained symbols. I don't have a problem with enforcing some minimum password strength, but I think the current determination of password strength is naive: http://xkcd.com/936/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
My bug (885684) got merged into this one even though it's not quite the same thing. Specifically, I don't have a problem with requiring strong passwords, as long as the requirement is that they be strong in terms of bits of information, and that the user is allowed to meet this requirement as they please. What I think is bad is requiring a certain pattern (8 chars, one uppercase, one digit, etc.) as a half-baked attempt to force the password to contain more information. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
We'd like to remove the *requirement* for a strong password and instead make it *recommended* with a password strength meter and accompanying advice about how to make it stronger if it's weak. ** Summary changed: - Remove "strong" password requirements for ubuntuone + Remove "strong" password requirements -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
Marking as 'High' priority as user testing shows this is a major problem in the sign-up process. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements
We should have a minimum password length still, I think ** Changed in: canonical-identity-provider Status: New => Confirmed ** Changed in: canonical-identity-provider Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements for ubuntuone
** Also affects: canonical-identity-provider Importance: Undecided Status: New ** Changed in: ubuntuone-control-panel (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements for ubuntuone To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-identity-provider/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 821727] Re: Remove "strong" password requirements for ubuntuone
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/821727 Title: Remove "strong" password requirements for ubuntuone To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntuone-control-panel/+bug/821727/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
