Password complexity verification flawed in WordPress 3.7 - page 2 | WordPress.org

benjaminrwalsh
(@benjaminrwalsh)

10 years, 5 months ago

Attention WordPress developers:

Password “padding” is a highly effective method for making complex passwords that are easy to remember. Consider the example password “88888KaT_88888” which registers as “weak” according to WordPress 3.7. That is NOT a weak password. It contains upper and lower case letters with symbols, and is over 14 characters long without any dictionary words!

It is a pain to require ridiculously complex passwords — there’s no need for this. I don’t want to spend all day resetting and typing passwords when it’s completely unnecessary.

WordPress 3.7’s password complexity check is flawed.

Viewing 16 replies (of 16 total)

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

9 years, 9 months ago

You’re using a hammer instead if a screwdriver in this case.

WordPress isn’t a password management tool, it’s just trying to help stop the rampant abuse of passwords like 123456 and I wish I was exaggerating.

Use 1Password or LastPass for good, secure, password storage and generation.

Viewing 16 replies (of 16 total)

The topic ‘Password complexity verification flawed in WordPress 3.7’ is closed to new replies.

Tags

passwords

In: Requests and Feedback
16 replies
11 participants
Last reply from: Ipstenu (Mika Epstein)
Last activity: 9 years, 9 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics