[sqwebmail] Minimum length of a new password - Pawel Tecza - net.sourceforge.lists.courier-sqwebmail

3 messages in net.sourceforge.lists.courier-sqwebmail[sqwebmail] Minimum length of a new p...

From	Sent On	Attachments
Pawel Tecza	Apr 26, 2006 4:29 am	.gz
Sam Varshavchik	May 2, 2006 7:25 pm
Pawel Tecza	May 4, 2006 12:44 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	[sqwebmail] Minimum length of a new password	Actions...
From:	Pawel Tecza (p.te...@net.icm.edu.pl)
Date:	Apr 26, 2006 4:29:25 am
List:	net.sourceforge.lists.courier-sqwebmail
Attachments:	minpasslen.diff.gz - 6k

Hello Sam,

What do you think about checking length of new password? At this moment you don't do it, so a user can set even 1 character length password. I think it's not secure for him.

Could you please look at my patch? I added --with-minpasslen=<len> configure option which sets minimum length of a password in config.h file (#define MINPASSLEN <len>). Of course, this option is not obligatory, because default value of MINPASSLEN is 1.

BTW, why goodpass() function is disabled in pref.c file? In my opinion it can be useful if we want to limit allowed characters in user's password.

My best regards,

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: