Make WordPress Core

Opened 17 years ago

Closed 16 years ago

#4470 closed enhancement (fixed)

Password Strength Meter

Reported by: mellertime's profile MellerTime Owned by: azaozz's profile azaozz
Milestone: 2.7 Priority: low
Severity: trivial Version: 2.3
Component: Administration Keywords: has-patch needs-testing blessed
Focuses: Cc:

Description

Matt requested I make the Password Strength plugin into a core patch, so here we go.

Note that this is just the visual meter. There's no back-end check to ensure the user can't change their password to something too short or 'bad' (as there is on WP.com).

Attachments (5)

password-strength-meter.diff (7.2 KB) - added by MellerTime 17 years ago.
password-strength-meter2.diff (7.3 KB) - added by JDTrower 17 years ago.
password-meter-strange-symbol.diff (760 bytes) - added by nbachiyski 17 years ago.
password-strength-meter-revised.diff (17.9 KB) - added by JDTrower 17 years ago.
New password strength function and PHP function (per #5404).
password-strength-meter-revised2.diff (18.2 KB) - added by JDTrower 17 years ago.

Download all attachments as: .zip

Change History (35)

#1 @rob1n
17 years ago

  • Milestone set to 2.4 (future)

#2 @rob1n
17 years ago

Some i18n needed, too.

#3 @MellerTime
17 years ago

Fixed 2 il8n mistakes and per rob1n replaced $() with jQuery() (arg!).

#4 @MellerTime
17 years ago

A final il8n change because rob1n's a pain in the butt... I wash my hands of it.

#5 @Nazgul
17 years ago

  • Milestone changed from 2.4 (future) to 2.3 (trunk)

#6 @ryan
17 years ago

  • Milestone changed from 2.3 to 2.4 (next)

#7 @JDTrower
17 years ago

I am attaching a new patch, that works for me as of Revision 6417. This patch contains everything that was included in the original patch, but makes it work with the current revision. In testing it out, I found that it works for me.

#8 @ryan
17 years ago

Working for me too.

#9 @pishmishy
17 years ago

Cool. Do you think you could write the function in PHP too so that we could provide #5404 ?

#10 @ryan
17 years ago

(In [6419]) Password strength meter from MellerTime. see #4470

#11 @ryan
17 years ago

I committed this as is since it's been working well for us on wordpress.com. Leaving open if someone wants to try doing the pluggable function.

#12 @santosj
17 years ago

Totally!

I'm going to hit this when I get home. Sounds like fun.

#13 @drhallows
17 years ago

Nice for WorpressMU and Wordpress Social Blogs =)

#14 @ryan
17 years ago

(In [6421]) Add file. see #4470

#15 @ryan
17 years ago

(In [6422]) Rename file. see #4470

#16 @nbachiyski
17 years ago

The question mark in the list of strange is actually a too strange symbol and xgettext claims it isn't a good utf-8 one. When changed to a conventional ? everything went fine. Patch attached.

#17 follow-ups: @nbachiyski
17 years ago

Actually it was meant to be a pound sterling sign, but anyway I don't think we should encourage users to use so strange symbols. They have to be able to enter them again.

#18 in reply to: ↑ 17 @pishmishy
17 years ago

Replying to nbachiyski:

Actually it was meant to be a pound sterling sign, but anyway I don't think we should encourage users to use so strange symbols. They have to be able to enter them again.

Some of us think that the S with a line through it is a strange symbol :-)

#19 in reply to: ↑ 17 @spencerp
17 years ago

Replying to nbachiyski:

Actually it was meant to be a pound sterling sign, but anyway I don't think we should encourage users to use so strange symbols. They have to be able to enter them again.

I agree with this. Is this ticket ready to close up now, or?

#20 @JDTrower
17 years ago

When I created the patch to work with the latest revision, I didn't look much at the code, but when I looked at the patch posted for the symbols, I noticed the following code:

<!--[if IE 6]><div id="pass-strength-iesucks">
<?php _e("If you weren&#8217;t using this sucky IE6, there would be pretty colors... and cookies!"); ?>
</div><![endif]--> 

I'm wondering if this is something that WP needs to be condoning. I realize that IE6 is a crappy browser, I hate having to code things to work with it, but do we need to rub that fact in the users face. There are people that have no control over what browser they use because of company policy, etc.

#21 follow-up: @JDTrower
17 years ago

I tested the patch concerning the symbols and it didn't break anything, which it shouldn't. I think Ryan was leaving this ticket open in case someone wanted to come in and provide the functionality of #5404 (which I believe santosj said he was going to try and do).

#22 in reply to: ↑ 21 ; follow-up: @darkdragon
17 years ago

Replying to JDTrower:

I tested the patch concerning the symbols and it didn't break anything, which it shouldn't. I think Ryan was leaving this ticket open in case someone wanted to come in and provide the functionality of #5404 (which I believe santosj said he was going to try and do).

I think pishmishy is doing a better job than I could. Since most of the work is happening over at the other ticket (#5404), does this mean that this can be closed?

#23 @ryan
17 years ago

(In [6429]) Fix funky char, remove IE taunt. Props nbachiyski. see #4470

#24 in reply to: ↑ 22 @pishmishy
17 years ago

Replying to darkdragon:

I think pishmishy is doing a better job than I could.

I'm not really (I don't really like the password strength function as given, although it'll do). Main problem is that my Javascript skills aren't too hot and so although I've gotten close to implementing checkRepetition() in PHP I've not been able to get it exactly right.

#25 @mypatricks
17 years ago

Suggest: Use ASCII Character Codes for symbol. example:

<p><?php _e('Hint: Use upper and lower case characters, numbers and symbols like &#33;&#34;&#163;&#36;&#37;&#94;&#38;&#40; in your password.'); ?></p>

#26 @JDTrower
17 years ago

I am uploading a new patch file. This patch reworks the password strength function complete with a new algorithm and a change to the UI of the strength meter. Also included in the patch is the PHP function (as per ticket #5404). The PHP function is disable by default, but in the general options can be enabled.

If nikolayb or someone with i18n understanding can verify the coding to allow for translation, I would appreciate it.

Any feedback would be appreciated.

@JDTrower
17 years ago

New password strength function and PHP function (per #5404).

#27 @JDTrower
17 years ago

I am uploading a revised version of my previous patch. This patch is current as of revision [6752]. I also made a couple of tweaks from my previous version. Again, the PHP function is disabled by default, but by going into general options, it can be enabled.

This patch and the new algorithm it contains does not include any check for repetition at the moment.

#28 @ffemtcj
17 years ago

  • Milestone changed from 2.5 to 2.6

#29 @matt
16 years ago

  • Keywords blessed added
  • Owner changed from anonymous to azaozz

This needs to be updated so it doesn't activate until you've typed something in one of the boxes.

It should also include a warning when the passwords don't match.

#30 @azaozz
16 years ago

  • Milestone changed from 2.9 to 2.7
  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.