Opened 6 years ago
Closed 6 years ago
#47924 closed defect (bug) (fixed)
Reset password: The submit button is enabled when the password input field is empty
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 5.3 | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Login and Registration | Keywords: | has-patch commit |
| Focuses: | ui | Cc: |
Description
When resetting a password, the password input field is populated with a strong password suggestion. The submit button is enabled in this case.
If you decide to type a weak password the submit button is disabled and a "Confirm use of weak password" box is shown on the form.
If you remove the password completely so the input field is empty the "Confirm use of weak password" box is removed and the submit button is enabled again.
I think the "Confirm use of weak password" box should be removed but I think the button should remain disabled. This will stop the user submitting an empty form.
Please see the attached images.
Attachments (5)
Change History (14)
#1
@
6 years ago
- Component changed from General to Login and Registration
- Focuses ui added
- Keywords needs-patch added
- Milestone changed from Awaiting Review to Future Release
#3
@
6 years ago
- Keywords has-patch added; needs-patch removed
- Owner set to adamsilverstein
- Status changed from new to reviewing
#5
@
6 years ago
Hi @adamsilverstein
The patch is looking good to me. What are your thoughts on adding an additional password strength state?
I believe we have short, bad, good and strong currently. If we added an empty state we could make use of it in places:
if ( $( passStrength ).is( '.empty, .short, .bad' ) ) {
// Do something
}
#6
@
6 years ago
I believe we have short, bad, good and strong currently. If we added an empty state we could make use of it in places
Interesting suggestion, I can try that out. In this case the behaviour for 'empty' is quite distinct from non empty, so we may want to keep the conditional as it is in the patch,
#7
@
6 years ago
In 47924.2.diff:
- Add a new 'empty' password strength where we were already detecting the empty password field.
- Keep existing logic for disabling submit button, using the 'empty' strength instead of checking the password length (again)
@henrywright Thanks for the bug report! That does seem like unexpected behavior.
I have attempted a fix in 47924.diff - in this patch, when the password field is emptied we
I found that the checkbox needed to be unchecked, otherwise as you start typing again the submit button would remain disabled. This feels a little more natural as well - after clearing the field and the checkbox disappears, it seems right that it reappears unchecked.
Can you give this a test?