[wp-trac] [WordPress Trac] #42766: Issue in update password From admin side and login ith same password

WordPress Trac noreply at wordpress.org
Mon Feb 17 17:49:50 UTC 2020 

#42766: Issue in update password From admin side and login ith same password
-------------------------------------+-------------------------------------
 Reporter:  ronakganatra             |       Owner:  adamsilverstein
     Type:  defect (bug)             |      Status:  assigned
 Priority:  normal                   |   Milestone:  5.4
Component:  Users                    |     Version:
 Severity:  normal                   |  Resolution:
 Keywords:  good-first-bug has-      |     Focuses:  ui, javascript,
  patch has-unit-tests needs-        |  administration, performance
  testing                            |
-------------------------------------+-------------------------------------
Changes (by nrqsnchz):

 * keywords:
     good-first-bug has-patch has-unit-tests needs-testing needs-design-
     feedback
     => good-first-bug has-patch has-unit-tests needs-testing


Comment:

 Discussed today during design triage meeting in Slack:
 https://wordpress.slack.com/archives/C02S78ZAL/p1581961322460700

 >Do we want a password of only spaces/space-like characters (e.g. tabs
 maybe if pasted in) to be allowed?

 Not sure if this can be answered by the design team. This seems more like
 a security or compliance issue.

 >If the second case, then when creating the user, should the feedback to
 the user change at all, since they did enter a non-empty password and the
 error message would be "password empty"?

 If the password is rejected because it contains empty spaces, and these
 are forbidden, then yes, the error messages should be clear and indicate
 why the password is being rejected.

 >Should the updating user page be able to update (e.g. click the button)
 if the only thing updated is the password, and it's an invalid password

 I don't think so. If an error has occurred, this should be communicated to
 the user instead of falsely making them believe the operation was a
 success.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/42766#comment:20>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list