[wp-trac] [WordPress Trac] #21737: Users should have to jump through hoops to set passwords of their choosing, and we should guard better against weak passwords
WordPress Trac
noreply at wordpress.org
Fri Aug 16 21:02:28 UTC 2013
#21737: Users should have to jump through hoops to set passwords of their choosing,
and we should guard better against weak passwords
----------------------------+-----------------------
Reporter: markjaquith | Owner: westi
Type: task (blessed) | Status: accepted
Priority: normal | Milestone: 3.7
Component: Security | Version:
Severity: normal | Resolution:
Keywords: |
----------------------------+-----------------------
Comment (by nacin):
Things get concatenated anyway in the admin, so I have little objection to
keeping them separate. The benefit of keeping zxcvbn-async.js separate is
that, as it is an external library, others can use it. And the library is
realistically big enough to require async uploading for all usage.
If we want everyone to use our password-strength-meter.js file, then we
should move it out of wp-admin. That said, it seems pretty specific to
*our* meter, which may not be the only use case of zxcvbn. It would also
be nice to just keep the separation from our code and their code — though
the async script is indeed tiny, and also modified by us for the script
location. I don't have a strong preference either way.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21737#comment:34>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list