Topic: User changable passwords in 4.06b

[Lasse Johansson]

Hallo everybody

I've found a strange "feature" in 4.06b:

When a user changes his password from the "default" to something better,
the system does NOT allow some very commonly used characters such as "_"
or "$"

Of course, it's perfectly possible to solve those problems "manually" by
asking the manager to change that user's password with passwd and
smbpasswd, but I don't see any reason for not being able to do it
directly from the web-interface...

Any comments or easy solutions? (Yes, I'll poke into the system and
search for a solution myself also...)

//Lasse

[Charlie Brady]

Lasse Johansson wrote:

> When a user changes his password from the "default"
> to something better, the system does NOT allow some very
> commonly used characters such as "_" or "$"
>
> Of course, it's perfectly possible to solve those problems
> "manually" by asking the manager to change that
> user's password with passwd and smbpasswd, but I don't see any
> reason for not being able to do it directly from the
> web-interface...

You also posted your message to the developer mailing list - probably the right place for such a question.

Yes, the character set for passwords is more restricted than it might be. It should be fixed in a future relase, but needs to be done carefully to avoid introducing reliability or security problems.

Regards

Charlie