Koozali.org: home of the SME Server

Obsolete Releases => SME Server 9.x => Topic started by: sum100 on August 20, 2014, 05:14:57 AM

Title: change minimum password length
Post by: sum100 on August 20, 2014, 05:14:57 AM

sme9 here:
/usr/share/perl5/vendor_perl/esmith/FormMagick.pm
 
http://forums.contribs.org/index.php/topic,44858.0/all.html
 
This is not recomended but I have changed this on my server by altering the file :
/usr/lib/perl5/site_perl/esmith/FormMagic on line 789.  Change the 7 to a 5 & "> 6" to "> 4", save the file & give it a try. This worked for me.

sub validate_password
{
    my ($fm,$strength,$pass) =3D @_;

    use Crypt::Cracklib;

    my $reason;

    if ($strength eq "none") {
        return $fm->localise("Passwords must be at least 7 characters =
long") unless (length($pass) > 6);
        return "OK";
    }
 
 
 
config setprop passwordstrength Admin none
config setprop passwordstrength User none
config setprop passwordstrength Ibays none

Title: Re: change minimum password length
Post by: guest22 on August 20, 2014, 06:54:09 PM

sum100,

this hack will be gone by the next yum/software update.

guest

Title: Re: change minimum password length
Post by: CharlieBrady on August 20, 2014, 09:20:24 PM

Quote from: guest22 on August 20, 2014, 06:54:09 PM

this hack will be gone by the next yum/software update.

Only if esmith::FormMagick is updated - which it rarely is.

I think this is more to the point:

"This is not recomended ..."

I don't know why sum100 wants to make this change, or why he/she wants to advertise the fact that his/her server has been weakened in this way.