WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 6 years ago

#4470 closed enhancement (fixed)

Password Strength Meter

Reported by: MellerTime Owned by: azaozz
Milestone: 2.7 Priority: low
Severity: trivial Version: 2.3
Component: Administration Keywords: has-patch needs-testing blessed
Focuses: Cc:

Description

Matt requested I make the Password Strength plugin into a core patch, so here we go.

Note that this is just the visual meter. There's no back-end check to ensure the user can't change their password to something too short or 'bad' (as there is on WP.com).

Attachments (5)

password-strength-meter.diff (7.2 KB) - added by MellerTime 7 years ago.
password-strength-meter2.diff (7.3 KB) - added by JDTrower 6 years ago.
password-meter-strange-symbol.diff (760 bytes) - added by nbachiyski 6 years ago.
password-strength-meter-revised.diff (17.9 KB) - added by JDTrower 6 years ago.
New password strength function and PHP function (per #5404).
password-strength-meter-revised2.diff (18.2 KB) - added by JDTrower 6 years ago.

Download all attachments as: .zip

Change History (35)

comment:1 rob1n7 years ago

  • Milestone set to 2.4 (future)

comment:2 rob1n7 years ago

Some i18n needed, too.

comment:3 MellerTime7 years ago

Fixed 2 il8n mistakes and per rob1n replaced $() with jQuery() (arg!).

comment:4 MellerTime7 years ago

A final il8n change because rob1n's a pain in the butt... I wash my hands of it.

comment:5 Nazgul7 years ago

  • Milestone changed from 2.4 (future) to 2.3 (trunk)

comment:6 ryan7 years ago

  • Milestone changed from 2.3 to 2.4 (next)

comment:7 JDTrower6 years ago

I am attaching a new patch, that works for me as of Revision 6417. This patch contains everything that was included in the original patch, but makes it work with the current revision. In testing it out, I found that it works for me.

comment:8 ryan6 years ago

Working for me too.

comment:9 pishmishy6 years ago

Cool. Do you think you could write the function in PHP too so that we could provide #5404 ?

comment:10 ryan6 years ago

(In [6419]) Password strength meter from MellerTime. see #4470

comment:11 ryan6 years ago

I committed this as is since it's been working well for us on wordpress.com. Leaving open if someone wants to try doing the pluggable function.

comment:12 santosj6 years ago

Totally!

I'm going to hit this when I get home. Sounds like fun.

comment:13 drhallows6 years ago

Nice for WorpressMU and Wordpress Social Blogs =)

comment:14 ryan6 years ago

(In [6421]) Add file. see #4470

comment:15 ryan6 years ago

(In [6422]) Rename file. see #4470

comment:16 nbachiyski6 years ago

The question mark in the list of strange is actually a too strange symbol and xgettext claims it isn't a good utf-8 one. When changed to a conventional ? everything went fine. Patch attached.

comment:17 follow-ups: nbachiyski6 years ago

Actually it was meant to be a pound sterling sign, but anyway I don't think we should encourage users to use so strange symbols. They have to be able to enter them again.

comment:18 in reply to: ↑ 17 pishmishy6 years ago

Replying to nbachiyski:

Actually it was meant to be a pound sterling sign, but anyway I don't think we should encourage users to use so strange symbols. They have to be able to enter them again.

Some of us think that the S with a line through it is a strange symbol :-)

comment:19 in reply to: ↑ 17 spencerp6 years ago

Replying to nbachiyski:

Actually it was meant to be a pound sterling sign, but anyway I don't think we should encourage users to use so strange symbols. They have to be able to enter them again.

I agree with this. Is this ticket ready to close up now, or?

comment:20 JDTrower6 years ago

When I created the patch to work with the latest revision, I didn't look much at the code, but when I looked at the patch posted for the symbols, I noticed the following code:

<!--[if IE 6]><div id="pass-strength-iesucks">
<?php _e("If you weren&#8217;t using this sucky IE6, there would be pretty colors... and cookies!"); ?>
</div><![endif]--> 

I'm wondering if this is something that WP needs to be condoning. I realize that IE6 is a crappy browser, I hate having to code things to work with it, but do we need to rub that fact in the users face. There are people that have no control over what browser they use because of company policy, etc.

comment:21 follow-up: JDTrower6 years ago

I tested the patch concerning the symbols and it didn't break anything, which it shouldn't. I think Ryan was leaving this ticket open in case someone wanted to come in and provide the functionality of #5404 (which I believe santosj said he was going to try and do).

comment:22 in reply to: ↑ 21 ; follow-up: darkdragon6 years ago

Replying to JDTrower:

I tested the patch concerning the symbols and it didn't break anything, which it shouldn't. I think Ryan was leaving this ticket open in case someone wanted to come in and provide the functionality of #5404 (which I believe santosj said he was going to try and do).

I think pishmishy is doing a better job than I could. Since most of the work is happening over at the other ticket (#5404), does this mean that this can be closed?

comment:23 ryan6 years ago

(In [6429]) Fix funky char, remove IE taunt. Props nbachiyski. see #4470

comment:24 in reply to: ↑ 22 pishmishy6 years ago

Replying to darkdragon:

I think pishmishy is doing a better job than I could.

I'm not really (I don't really like the password strength function as given, although it'll do). Main problem is that my Javascript skills aren't too hot and so although I've gotten close to implementing checkRepetition() in PHP I've not been able to get it exactly right.

comment:25 mypatricks6 years ago

Suggest: Use ASCII Character Codes for symbol. example:

<p><?php _e('Hint: Use upper and lower case characters, numbers and symbols like &#33;&#34;&#163;&#36;&#37;&#94;&#38;&#40; in your password.'); ?></p>

comment:26 JDTrower6 years ago

I am uploading a new patch file. This patch reworks the password strength function complete with a new algorithm and a change to the UI of the strength meter. Also included in the patch is the PHP function (as per ticket #5404). The PHP function is disable by default, but in the general options can be enabled.

If nikolayb or someone with i18n understanding can verify the coding to allow for translation, I would appreciate it.

Any feedback would be appreciated.

JDTrower6 years ago

New password strength function and PHP function (per #5404).

comment:27 JDTrower6 years ago

I am uploading a revised version of my previous patch. This patch is current as of revision [6752]. I also made a couple of tweaks from my previous version. Again, the PHP function is disabled by default, but by going into general options, it can be enabled.

This patch and the new algorithm it contains does not include any check for repetition at the moment.

comment:28 ffemtcj6 years ago

  • Milestone changed from 2.5 to 2.6

comment:29 matt6 years ago

  • Keywords blessed added
  • Owner changed from anonymous to azaozz

This needs to be updated so it doesn't activate until you've typed something in one of the boxes.

It should also include a warning when the passwords don't match.

comment:30 azaozz6 years ago

  • Milestone changed from 2.9 to 2.7
  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.