WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 6 months ago

Last modified 6 months ago

#40233 closed defect (bug) (invalid)

Password policy is not applied to new registrations

Reported by: robdxw Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.3
Component: Login and Registration Keywords: needs-screenshots close reporter-feedback
Focuses: ui Cc:

Description

If you create a new user from within the admin panel, or are an existing user modifying your password, you are required to tick the "Confirm use of weak password" box if you override the default generated password with a weak one of your own choosing.

However, if you are registering as a new user, you are free to create a weak password without having to tick any such box.

The policy should be applied consistently in both places.

Change History (5)

#1 @johnbillion
3 years ago

  • Focuses ui added
  • Keywords needs-patch needs-screenshots added
  • Version changed from 4.7 to 4.3

Related: #33167

#2 @lukecavanagh
3 years ago

wp-admin/user-edit.php
wp-admin/user-new.php

Class
pw-checkbox

Would be the two spots where that is used currently.

#3 @Presskopp
2 years ago

  • Keywords close added

I can't reproduce, the box is appearing, or am I missing something?

#4 @Presskopp
6 months ago

  • Resolution set to invalid
  • Status changed from new to closed

#5 @desrosj
6 months ago

  • Keywords reporter-feedback added; needs-patch removed
  • Milestone Awaiting Review deleted

@robdxw If you are still able to reproduce this in the latest version of WordPress, feel free to reopen with more details.

Note: See TracTickets for help on using tickets.