Bug #3360
Password criteria need to be specified/enforced
| Status: | New | Start date: | 05/11/2014 | |
|---|---|---|---|---|
| Priority: | Immediate | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | Spent time: | - | |
| Target version: | - | |||
| Component: |
Description
First off; thanks for the great work on this project!
I noticed that I could register for an OSTel account with a complex password that would allow me to login to the ostel.co website but the same password would not be accepted by either Linphone and CSipSimple. This appears to be the case because I could connect on Linphone and CSipSimple when I changed my password to a simple password. Either support for complex passwords (e.g., long password, special characters, etc.) needs to be added or the constraints for a password need to be clarified, enforced when the user signs up and clearly communicated to the user.
This issue needs immediate attention imho, as it is quite a frustrating process to figure out why you cannot get the apps to work and potentially uncovers a weakness in the passwords criteria (e.g. if it is limited to a low maximum number of characters).