From 3238e2d9fcd532807847556514c0519fa0869b14 Mon Sep 17 00:00:00 2001
From: Dylan Hardison
Date: Wed, 4 Nov 2015 17:51:25 -0500
Subject: Bug 1177911 - Determine and implement better password requirements for BMO
---
 Bugzilla/Config/Auth.pm | 5 ++---
 Bugzilla/User.pm | 19 ++++++++++---------
 2 files changed, 12 insertions(+), 12 deletions(-)
(limited to 'Bugzilla')
diff --git a/Bugzilla/Config/Auth.pm b/Bugzilla/Config/Auth.pm
index 36287b107..ac5394f04 100644
--- a/Bugzilla/Config/Auth.pm
+++ b/Bugzilla/Config/Auth.pm
@@ -132,9 +132,8 @@ sub get_param_list {
 {
 name => 'password_complexity',
 type => 's',
- choices => [ 'no_constraints', 'mixed_letters', 'letters_numbers',
- 'letters_numbers_specialchars' ],
- default => 'no_constraints',
+ choices => [ 'no_constraints', 'bmo' ],
+ default => 'bmo',
 checker => \&check_multi
 },
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index ebd82002f..1a0deed6b 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -2482,15 +2482,16 @@ sub validate_password_check {
 }
 my $complexity_level = Bugzilla->params->{password_complexity};
- if ($complexity_level eq 'letters_numbers_specialchars') {
- return 'password_not_complex'
- if ($password !~ /[[:alpha:]]/ || $password !~ /\d/ || $password !~ /[[:punct:]]/);
- } elsif ($complexity_level eq 'letters_numbers') {
- return 'password_not_complex'
- if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/ || $password !~ /\d/);
- } elsif ($complexity_level eq 'mixed_letters') {
- return 'password_not_complex'
- if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/);
+ if ($complexity_level eq 'bmo') {
+ my $features = 0;
+
+ $features++ if $password =~ /[a-z]/;
+ $features++ if $password =~ /[A-Z]/;
+ $features++ if $password =~ /[0-9]/;
+ $features++ if $password =~ /[^A-Za-z0-9]/;
+ $features++ if length($password) > 12;
+
+ return 'password_not_complex' if $features < 3;
 }
 # Having done these checks makes us consider the password untainted.
--
cgit v1.2.3-24-g4f1b
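Review bot: Dropping 'mixed_letters', 'letters_numbers' and 'letters_numbers_specialchars' from `choices` leaves any installation that already stores one of those values with a setting the new code does not recognise. validate_password_check in Bugzilla/User.pm now tests only `eq 'bmo'`, so any other stored value falls through with no complexity check at all, which is weaker than what that site had configured. No migration of the stored parameter is visible in this view (it is limited to 'Bugzilla'), so one may exist elsewhere. If it does not, either map the legacy values to 'bmo' on upgrade or make the check fail closed, e.g. `if ($complexity_level ne 'no_constraints') {`. The enclosing parameter list starts and ends outside this hunk.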
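Review bot: The 'bmo' rule added to validate_password_check is undocumented and its two thresholds are bare literals. Nothing in the block says that a password must show at least three of five features, or that `> 12` means thirteen characters or more. A comment above the block such as `# 'bmo': require 3 of 5: a-z, A-Z, 0-9, any other character, length > 12` would make the policy auditable. `/[^A-Za-z0-9]/` also matches whitespace and every non-ASCII character, so an accented or non-Latin letter counts as the "other" feature rather than as a letter, unlike the POSIX classes the removed code used; if that is intended, the comment should say so. The function body starts and ends outside this hunk.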