Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67950

Logical inconsistency between $CFG->passwordpolicy between check_password_policy vs print_password_policy

    XMLWordPrintable

Details

    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MOODLE_39_STABLE
    • MDL-67950-passwordpolicy-callback
    • Hide

      1) Turn policy off

      php admin/cli/cfg.php --name=passwordpolicy --set=0

      2) Confirm you can set poor passwords

      php admin/cli/reset_password.php --username=admin --password=admin

      3) Add a callback to mod/assign/lib/php

      function mod_assign_check_password_policy(){
          return 'always fail';
      }

      4) Purge cache to pick it up

      php admin/cli/purge_caches.php

      5) Turn policy on

      php admin/cli/cfg.php --name=passwordpolicy --set=1

      6) Attempt reset and confirm you get 'always fail':

      php admin/cli/reset_password.php --username=admin --password=admin
      Passwords must be at least 8 characters long.
      Passwords must have at least 1 digit(s).
      Passwords must have at least 1 upper case letter(s).
      Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #.
      always fail

      7) Retry with confirm ignored and confirm it still works

      php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy
      Password changed

       

       

      Show
      1) Turn policy off php admin/cli/cfg.php --name=passwordpolicy --set=0 2) Confirm you can set poor passwords php admin/cli/reset_password.php --username=admin --password=admin 3) Add a callback to mod/assign/lib/php function mod_assign_check_password_policy() {     return 'always fail'; } 4) Purge cache to pick it up php admin/cli/purge_caches.php 5) Turn policy on php admin/cli/cfg.php --name=passwordpolicy --set=1 6) Attempt reset and confirm you get 'always fail': php admin/cli/reset_password.php --username=admin --password=admin Passwords must be at least 8 characters long. Passwords must have at least 1 digit(s). Passwords must have at least 1 upper case letter(s). Passwords must have at least 1 non-alphanumeric character(s) such as as *, -, or #. always fail 7) Retry with confirm ignored and confirm it still works php admin/cli/reset_password.php --username=admin --password=admin --ignore-password-policy Password changed    

    Description

      There is a $CFG->passwordpolicy mismatch between the actually policy and the help for the policy, ie:

      https://github.com/moodle/moodle/blob/master/lib/weblib.php#L3619-L3644

      vs

      https://github.com/moodle/moodle/blob/master/lib/moodlelib.php#L4989-L5021

      Attachments

        Issue Links

          has a non-specific relationship to

          Bug - A problem which impairs or prevents Moodle from functioning correctly. MDL-67977 Logical inconsistency between check_password_policy vs generate_password

          • Minor - Minor loss of function where workaround is possible
          • Open

          Improvement - An enhancement to an existing Moodle feature. MDL-61694 Create an extension point for adding extra password validation functionality

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Improvement - An enhancement to an existing Moodle feature. MDL-66278 Add a callback to add content to print_password_policy

          • Minor - Minor loss of function where workaround is possible
          • Closed
          has been marked as being related by

          New Feature - A new Moodle feature which has yet to be developed. MDL-67309 Have options to call check_password_policy on every login

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Activity

            People

              brendanheywood Brendan Heywood
              brendanheywood Brendan Heywood
              Peter Burnett Peter Burnett
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Janelle Barcega Janelle Barcega
              David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo, David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                15/Jun/20

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 25 minutes
                  25m