Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Password Length
 
fhornain
Jr. Member
 
Avatar
Total Posts:  12
Joined:  2007-09-01
Brussels - Belgium - E.U.
 

Dear *,

Again, and again it always me.
It could be also usefull, if the password set could be enforced to follow particular rules.

I mean it should strongly recommended to use a stronger password than 123456 or qwerty or something else.

BR
Fred

 
Magento Community Magento Community
Magento Community
Magento Community
 
Brandon
Sr. Member
 
Avatar
Total Posts:  76
Joined:  2007-08-31
Web Developer
 

I believe I read that limits and requirements will be available in a future release.

 
Magento Community Magento Community
Magento Community
Magento Community
 
jomarshall
Jr. Member
 
Total Posts:  2
Joined:  2012-02-07
 

Apparently this is on their 10 year plan.

 
Magento Community Magento Community
Magento Community
Magento Community
 
ec0mmerce
Sr. Member
 
Avatar
Total Posts:  242
Joined:  2013-01-17
 

Hi

You can change min. password length here:
edit /var/www/app/code/core/Mage/Customer/Model/Customer/Attribute/Backend/Password.php

# change default catalog list mode to list
set_core_config_data “catalog/frontend/list_mode” “list-grid”

And look through these threads:
http://www.panticz.de/magento-change-minimum-password-length
http://www.magentocommerce.com/boards/viewthread/18197/

 
Magento Community Magento Community
Magento Community
Magento Community
 
jomarshall
Jr. Member
 
Total Posts:  2
Joined:  2012-02-07
 

It’s not a question of how to override the core requirements, we’ve done that. We had to, because after nearly 6 years it’s still not an included feature- not even in Enterprise Edition. So for a piece of software that costs over $15K to get started ($50k for “Premium"), you still have to write custom code to change password requirements for your guests so that they’re not susceptible to the most basic brute force attacks.

Weak. Sauce.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top