[wp-meta] [Making WordPress.org] #277: [codex] Some symbols are not allowed in password

Making WordPress.org noreply at wordpress.org
Fri Jul 11 14:56:49 UTC 2014 

#277: [codex] Some symbols are not allowed in password
----------------------+-------------------
  Reporter:  wikicms  |      Owner:
      Type:  defect   |     Status:  new
  Priority:  normal   |  Component:  Codex
Resolution:           |   Keywords:
----------------------+-------------------

Comment (by iandunn):

 I ran into this today after resetting my password yesterday. I could log
 in to WP installs, but couldn't commit to `plugins.svn`. I was able to
 commit again again after resetting to a new password. I'm just using the
 standard command line client (version 1.8.1) on OS X, with everything in
 English.

 I ran a series of tests to isolate the characters causing the problem and
 found that both `'` and `"` blocked me from committing.
 [[br]]

 > Not much we can really do about it except to make those symbols not
 allowed everywhere, most likely, and I don't think that is reasonable. Not
 everybody needs to log into the codex or push updates to the plugin SVN.

 Given the alternatives, that doesn't seem unreasonable to me. It's a lot
 simpler that expecting the tens of thousands of codex/plugin users to
 realize that the reason they're having problems is because of a password
 they created months/years ago, especially when that password has been
 working for them on all other parts of the network, and especially if it's
 their first time creating a plugin and they're not sure if they have their
 SVN client setup correctly to begin with. Even if they do realize their
 password is the problem, they then have to find and avoid the breaking
 characters by trial and error.

 Either way we're going to frustrate some group of people. The choice is
 between a minor annoyance for a large number of people, or a very
 frustrating experience for a small group of people. Personally, I think
 the former is better than the latter. We should be encouraging people to
 use randomly generated passwords anyway, so in that case there's nothing
 special about any individual character, so they won't care if they can't
 use it.

 If we don't want to do that, though, what about displaying a warning to
 the user that using `'` and `"` will prevent them from committing to the
 plugin repo? If we don't want most users to see it, we could have JS only
 display it if an `'` or `"` is detected.

--
Ticket URL: <https://meta.trac.wordpress.org/ticket/277#comment:11>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org

More information about the wp-meta mailing list