[wp-trac] [WordPress Trac] #57811: Should application password be usable for logins
WordPress Trac
noreply at wordpress.org
Mon Mar 6 17:33:01 UTC 2023
#57811: Should application password be usable for logins
------------------------------------+------------------------------
Reporter: Clorith | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: 5.6
Severity: normal | Resolution:
Keywords: | Focuses:
------------------------------------+------------------------------
Comment (by georgestephanis):
Hrm. As wide ranging as the .org login system is, it'd need a lot of
testing to make sure we're handling all the edge cases.
I also don't know how passwords sync with svn and such on that systems
end. If it's a cli call to WP to say "hey is this username/pw valid" it
would be doable, but if it's just querying the data in the users table it
would need more workarounds to handle.
Also, if we were to update things to disallow normal passwords for these
systems and require application passwords, it would require a lot of
services and integrations to generate new passwords and may break sparsely
maintained ones for a time. Which may be good or bad depending on your
perspective.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/57811#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list