[wp-trac] [WordPress Trac] #35817: Force users to set strong passwords
WordPress Trac
noreply at wordpress.org
Fri Sep 9 20:51:33 UTC 2016
#35817: Force users to set strong passwords
----------------------------+------------------------------
Reporter: ericlewis | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 0.71
Severity: normal | Resolution:
Keywords: 2nd-opinion | Focuses: ui
----------------------------+------------------------------
Comment (by ericlewis):
Replying to [comment:10 ericlewis]:
> * If we required strong passwords, users would probably do the least
minimum change to their weak password to meet the rule. eg. instead of
`june2286` I might use `june2286!` and perhaps reuse this password across
different websites.
I think this is okay. Stronger passwords are preferable to weak passwords.
> * This may or may not align with project goals.
I would say that security is a feature, and protecting sites from basic
brute-force attacks make WordPress a better experience out-of-the-box.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35817#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list