Details
Description
Adding a few additional notes:
1. This happens regardless of whether the `Strong Passwords` feature is enabled or not
2. This seems to only affect the Admin User that is automatically generated when a new Account is created form the Admin Portal
3. No check is done on the password at all: it's possible to choose a password that is shorter than 6 characters too.
This wouldn’t apply in the sign up page because “Strong password” is not activated by default. It could apply on buyers/accounts/new but it’s true that we don’t have password confirmation there yet.
If strong passwords is enabled, it should be checked at least on buyers/accounts/edit where we do have password confirmation. It should be checked when user changes her password (not when creating new users): buyers/accounts/edit (Admin Portal) and Settings > Users > Edit (dev portal)
In any case, only affecting the automatically created Admin User, this is a minor.
Attachments
Issue Links
- clones
-
THREESCALE-1747 Require Strong Password when an existing user resets a password
- Closed