Right, this is a bug. Reported here:
https://github.com/web2py/web2py/issues/1800
Anthony
On Tuesday, November 7, 2017 at 2:41:12 PM UTC-5, mark.phi...@gmail.com
wrote:
>
> I just encountered the same problem that was described above.
> I use the "auth.settings.password_min_length" variable
First, the default validator is not IS_STRONG -- it is simply CRYPT with
min_length set to auth.settings.password_min_length (which defaults to 4).
Second, on the password change form, the validator is not ignored, but the
min_length of CRYPT is set to 1 for the "Old Password" field only (this
I was able to setup IS_STRONG like this:
db.auth_user.password.requires.insert(0, IS_STRONG())
Be careful, after doing this users wont be able to log in if their password
is not strong, validated.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
-
3 matches
Mail list logo