[wp-trac] [WordPress Trac] #35817: Force users to set strong passwords
WordPress Trac
noreply at wordpress.org
Tue Aug 9 16:53:01 UTC 2016
#35817: Force users to set strong passwords
----------------------------+------------------------------
Reporter: ericlewis | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 0.71
Severity: normal | Resolution:
Keywords: 2nd-opinion | Focuses: ui
----------------------------+------------------------------
Comment (by ericlewis):
Replying to [comment:4 Presskopp]:
> If grandma wants 'Daisy0105' and the system responds with "Error: You
are forced to use "?$hZF{hellofapasswordRL#Q#W" or something, because we
say so", grandma will hate it.
I would prefer we not deal in stereotypes like "grandma." My mother is a
grandmother. She is internet literate and employs a system to manage her
strong passwords, which she understands are important for user security
and privacy.
Allowing users to easily enter weak passwords makes a WordPress site an
easy target for hacker groups. Brute force user login attacks happen. I
recognize this would implicitly force a lot of users to learn how to
manage a strong password. I think this is good, and as a popular content
management system for digital publishing we will be pushing forward
internet literacy.
We could do something for developers to allow weak passwords for dev
sites. Alternatively developers could also figure out how to manage strong
passwords at scale.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35817#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list