search

Athou / commafeed

Google Reader inspired self-hosted personal RSS reader.
https://www.commafeed.com
Apache License 2.0
2.82k stars 377 forks source link

remove boomer password requirements #1059

Closed fuzzysh closed 1 year ago

fuzzysh commented 1 year ago

Is your feature request related to a problem? Please describe. i'm trying to change my password but it won't let me

Describe the solution you'd like remove the password requirements: Error newPassword Password must contain 1 or more uppercase characters. Password must contain 1 or more digit characters. Password must contain 1 or more special characters.

Describe alternatives you've considered i haven't considered anything even once in my life

Additional context https://www.starlab.io/blog/why-enforced-password-complexity-is-worse-for-security-and-what-to-do-about-it

maybe there's a config setting i missed but i searched password and didnt see anything

Athou commented 1 year ago

I can probably relax those rules if the password is long enough (like 12 or 16 chars). What do you think?

fuzzysh commented 1 year ago

i selfhost. is there a way to edit the reqs that i over looked?

Athou commented 1 year ago

There is now :) I just added app.strictPasswordPolicy in config.yml which defaults to true.