Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-1747

Require Strong Password when an existing user resets a password

    XMLWordPrintable

Details

    • Bug
    • Resolution: Obsolete
    • Major
    • None
    • 2.5 ER1, 2.7 GA, SaaS
    • System
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Engineering
    • Hide

      1. Create a new Developer Account from the admin Portal via `/buyers/accounts/new`
      2. Log in to the Developer Portal with the User automatically created during the step above
      3. Navigate to `Settings/Users/Edit User` (/admin/account/personal_details)
      4. Set a value like: `test` for the password and press the `Update Personal Details` button
      5. A success message is displayed and the password is updated

      Show
      1. Create a new Developer Account from the admin Portal via `/buyers/accounts/new` 2. Log in to the Developer Portal with the User automatically created during the step above 3. Navigate to `Settings/Users/Edit User` (/admin/account/personal_details) 4. Set a value like: `test` for the password and press the `Update Personal Details` button 5. A success message is displayed and the password is updated

    Description

      When Strong Passwords feature is enabled after a developer account is created, the developer can reset the password without the strong passwords requirements.

      Steps to reproduce:
      1. In the admin portal disable "Strong Passwords" in Audience > Accounts > Usage rules
      2. Create a developer account from the admin or developer portal
      3. In the admin portal enable "Strong Passwords" in Audience > Accounts > Usage rules
      4. From the Developer Portal, sign in and go to Settings > Users > Edit and update Password and Password confirmation with a password that doesn't match the "Strong Password" requirements. You'll be able to update the password.

       

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. THREESCALE-5416 Default admin user on Developer Account has no validation of password performed

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed

          Activity

            People

              Unassigned Unassigned
              rhn-support-avilatus Anna Vila Tusell
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: