diff options
| author | Dylan Hardison <dylan@mozilla.com> | 2015-11-04 23:51:25 +0100 |
|---|---|---|
| committer | Dylan Hardison <dylan@mozilla.com> | 2015-11-04 23:51:25 +0100 |
| commit | 3238e2d9fcd532807847556514c0519fa0869b14 (patch) | |
| tree | c9593bb3f49ea28e52ca170fad91e1fc8f2cd707 /Bugzilla/User.pm | |
| parent | 7f43eebe16d93b9ba0eef6a42b570b594dc33da6 (diff) | |
| download | bugzilla-3238e2d9fcd532807847556514c0519fa0869b14.tar.gz bugzilla-3238e2d9fcd532807847556514c0519fa0869b14.tar.xz | |
Bug 1177911 - Determine and implement better password requirements for BMO
Diffstat (limited to 'Bugzilla/User.pm')
| -rw-r--r-- | Bugzilla/User.pm | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index ebd82002f..1a0deed6b 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -2482,15 +2482,16 @@ sub validate_password_check { } my $complexity_level = Bugzilla->params->{password_complexity}; - if ($complexity_level eq 'letters_numbers_specialchars') { - return 'password_not_complex' - if ($password !~ /[[:alpha:]]/ || $password !~ /\d/ || $password !~ /[[:punct:]]/); - } elsif ($complexity_level eq 'letters_numbers') { - return 'password_not_complex' - if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/ || $password !~ /\d/); - } elsif ($complexity_level eq 'mixed_letters') { - return 'password_not_complex' - if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/); + if ($complexity_level eq 'bmo') { + my $features = 0; + + $features++ if $password =~ /[a-z]/; + $features++ if $password =~ /[A-Z]/; + $features++ if $password =~ /[0-9]/; + $features++ if $password =~ /[^A-Za-z0-9]/; + $features++ if length($password) > 12; + + return 'password_not_complex' if $features < 3; } # Having done these checks makes us consider the password untainted. |