WordPress.org

Make WordPress Core

Opened 2 years ago

Last modified 11 months ago

#40233 new defect (bug)

Password policy is not applied to new registrations

Reported by: robdxw Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.3
Component: Login and Registration Keywords: needs-patch needs-screenshots close
Focuses: ui Cc:

Description

If you create a new user from within the admin panel, or are an existing user modifying your password, you are required to tick the "Confirm use of weak password" box if you override the default generated password with a weak one of your own choosing.

However, if you are registering as a new user, you are free to create a weak password without having to tick any such box.

The policy should be applied consistently in both places.

Change History (3)

#1 @johnbillion
2 years ago

  • Focuses ui added
  • Keywords needs-patch needs-screenshots added
  • Version changed from 4.7 to 4.3

Related: #33167

#2 @lukecavanagh
2 years ago

wp-admin/user-edit.php
wp-admin/user-new.php

Class
pw-checkbox

Would be the two spots where that is used currently.

#3 @Presskopp
11 months ago

  • Keywords close added

I can't reproduce, the box is appearing, or am I missing something?

Note: See TracTickets for help on using tickets.