Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Minor
Fix Version/s: 3.9
Affects Version/s: 3.8, 3.9
Component/s: Administration, Authentication
Labels:
- CatalystIT
- ci
- partner

Affected Branches:
MOODLE_38_STABLE, MOODLE_39_STABLE
Fixed Branches:
MOODLE_39_STABLE
Pull from Repository:
https://github.com/brendanheywood/moodle
Pull Main Branch:
~~MDL-67950~~-passwordpolicy-callback
Pull Main Diff URL:
https://github.com/moodle/moodle/compare/2c0b08c5...brendanheywood:MDL-67950-passwordpolicy-callback
Testing Instructions:

Hide

1) Turn policy off

php admin/cli/cfg.php --name=passwordpolicy --set=0

2) Confirm you can set poor passwords

php admin/cli/reset_password.php --username=admin --password=admin

3) Add a callback to mod/assign/lib/php

function mod_assign_check_password_policy(){
return 'always fail';
}

4) Purge cache to pick it up

php admin/cli/purge_caches.php

5) Turn policy on

php admin/cli/cfg.php --name=passwordpolicy --set=1

6) Attempt reset and confirm you get 'always fail':

php admin/cli/reset_password.php --username=admin --password=admin
Passwords must be at least 8 characters long.
Passwords must have at least 1 digit(s).
Passwords must have at least 1 upper case letter(s).
Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #.
always fail

7) Retry with confirm ignored and confirm it still works

php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy
Password changed

Show
1) Turn policy off php admin/cli/cfg.php --name=passwordpolicy --set=0 2) Confirm you can set poor passwords php admin/cli/reset_password.php --username=admin --password=admin 3) Add a callback to mod/assign/lib/php function mod_assign_check_password_policy() { return 'always fail'; } 4) Purge cache to pick it up php admin/cli/purge_caches.php 5) Turn policy on php admin/cli/cfg.php --name=passwordpolicy --set=1 6) Attempt reset and confirm you get 'always fail': php admin/cli/reset_password.php --username=admin --password=admin Passwords must be at least 8 characters long. Passwords must have at least 1 digit(s). Passwords must have at least 1 upper case letter(s). Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #. always fail 7) Retry with confirm ignored and confirm it still works php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy Password changed

Description

There is a $CFG->passwordpolicy mismatch between the actually policy and the help for the policy, ie:

https://github.com/moodle/moodle/blob/master/lib/weblib.php#L3619-L3644

https://github.com/moodle/moodle/blob/master/lib/moodlelib.php#L4989-L5021

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2020-02-26-09-47-46-522.png
77 kB
26/Feb/20 9:47 AM

Issue Links

has a non-specific relationship to

MDL-67977 Logical inconsistency between check_password_policy vs generate_password

Open

MDL-61694 Create an extension point for adding extra password validation functionality

Closed

MDL-66278 Add a callback to add content to print_password_policy

Closed

has been marked as being related by

MDL-67309 Have options to call check_password_policy on every login

Closed

Activity

People

Assignee:: Brendan Heywood

Reporter:: Brendan Heywood

Peer reviewer:: Peter Burnett

Integrator:: Eloy Lafuente (stronk7)

Tester:: Janelle Barcega

Participants:: Brendan Heywood, CiBoT, Eloy Lafuente (stronk7), Janelle Barcega, Peter Burnett

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 13/Feb/20 12:11 PM

Updated:: 28/Feb/20 8:34 PM

Resolved:: 28/Feb/20 8:34 PM

Fix Release Date:: 15/Jun/20

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

25m