Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: turtle2472 on August 27, 2007, 08:08:30 AM

Title: Password won't set to normal
Post by: turtle2472 on August 27, 2007, 08:08:30 AM

I have followed the instructions on this thread (http://forums.contribs.org/index.php?topic=33849.0 (http://forums.contribs.org/index.php?topic=33849.0)) and in the manual.

When I check with 'config show passwordstrength' it shows all three at 'normal' where I set them to.  However, when I attempt to set a password to a normal level (7 letters all lowercase with 1 number) I get an error saying it's not strong enough.

Quote

The password you provided was not a good password. A good password must contain all of the following: upper case letter, lower case letter, number, non-alphanumeric character, be at least 7 characters long.

How can I fix this?
Thanks

SME 7.2 with the latest updates in Software Installer

Edit:  I think I have it figured out...Nevermind

Title: Re: Password won't set to normal
Post by: brianr on August 27, 2007, 12:24:55 PM

Please post your fix, in-case someone else falls over the same problem.

cheers

Brian

Title: Re: Password won't set to normal
Post by: jmp1prs on August 28, 2007, 12:48:07 AM

I' ve the same problem with the same setup (SME SERVER 7.2 with up to date), I followed the tutorial and it doesen't worked to. Please post how did you managed to fixit becouse I'm lost.

Regards,

Andrew

Title: Re: Password won't set to normal
Post by: raem on August 28, 2007, 03:02:24 AM

jmp1prs

There was already a small section in the manual but I have added this more extensive explanation to the FAQ
http://wiki.contribs.org/SME_Server:Documentation:FAQ#Password_Strength_Checking

Title: Re: Password won't set to normal
Post by: jmp1prs on August 28, 2007, 05:50:33 AM

Thanks a lot RayMitchell, Now It's clear, I understood that normal was 7 chars with one number as I'd read in some place (the usual requirements).

So, "strong" and "normal" results annoying for most users, and "none" is too risky, I was looking for an intermediate solution, but i realize that's not possible.

Cheers

Andrew

Title: Re: Password won't set to normal
Post by: raem on August 28, 2007, 06:18:54 AM

jmp1prs

> I was looking for an intermediate solution, but i realize that's not possible.

There have been posts in these forums re the "intermediate" answer you want, so search.

Please tell me, what's so bad/difficult about a secure 7 character password ?
I know that existing users object, but is it that hard to enforce new policy in this security conscious world ?
Just tell them it can't be any other way if they value security, rather than going the non standard code tweaking route, with possible unknown complications later and that already does clash with pam authentication.

Title: Re: Password won't set to normal
Post by: turtle2472 on September 04, 2007, 04:29:35 AM

Sorry for not getting back sooner.  The issue was my ignorance and not understanding that Strong and Normal have the same password requirements other than the dictionary.  I too was looking for the intermediate solution, something like at least one number and one letter with 6-12 characters required.