Merge this in Plone core

[gbastien]

Hi,

as of https://dev.plone.org/ticket/13724 we would like to implement a strength password policy into Plone. It seems to be accepted by core mainteners that this could be integrated into the core. We would like to work on this at Plog 2014 and base our work on what is done in this branch. I think you will join the Plog 2014, are you or do you know people that will be there and that would be interested in joining us to work on this (http://www.coactivate.org/projects/plog-2014/sprinttopic).

Thank you!

Gauthier

[davisagli]

On 1/8/14, 12:30 AM, Gauthier Bastien wrote:

Hi,

as of https://dev.plone.org/ticket/13724 we would like to implement a strength password policy into Plone. It seems to be accepted by core mainteners that this could be integrated into the core.

The framework team considered this ticket and would prefer to see password policies as add-ons, rather than in core. Sorry if we didn't communicate this well. If one add-on becomes widely used, it could be considered for core.

We would like to work on this at Plog 2014 and base our work on what is done in this branch. I think you will join the Plog 2014, are you or do you know people that will be there and that would be interested in joining us to work on this (http://www.coactivate.org/projects/plog-2014/sprinttopic).

Thank you!

Gauthier

— Reply to this email directly or view it on GitHub https://github.com/collective/Products.PasswordStrength/issues/1.

[gbastien]

Hi @davisagli @djay

ok, sorry I misunderstood but I am ok with your approach ;-)

Anyway, we can first make it with an add on with enough tests and communication around so it can be merged in the core one day, I am ok with that.

We are still looking for people interested to work on such topic during the Plog 2014, let us know if you find anybody to work with us on this.

Thank you!

Gauthier

[djay]

I merged in the core parts of this plugin so that its easy to create s plugin that implements s certain policy. What's left in this plugin is some something that let's you configure a policy if you know reg ex and use the zmi. It would be nice to make this user friendly. First by having a plone control panel. Next by having a library of common password requirements that you could just pick from without having to know regex. Another nice thing would be to include JavaScript to check a password in realtime to make it less frustrating for the user. One more thing it could do is implement a policy of storing last password Hash's and not letting people pick the sane password?

Unfortunately I won't be at plog but feel free to work on that code in this plugin or a new one. I'm sure it will be very well received. On 9 Jan 2014 19:32, "Gauthier Bastien" notifications@github.com wrote:

Hi @davisagli https://github.com/davisagli @djayhttps://github.com/djay

ok, sorry I misunderstood but I am ok with your approach ;-)

Anyway, we can first make it with an add on with enough tests and communication around so it can be merged in the core one day, I am ok with that.

We are still looking for people interested to work on such topic during the Plog 2014, let us know if you find anybody to work with us on this.

Thank you!

Gauthier

— Reply to this email directly or view it on GitHubhttps://github.com/collective/Products.PasswordStrength/issues/1#issuecomment-31911555 .

[gbastien]

Hi,

we want to work on this at the Sorrento sprint next week (https://trello.com/b/s2nsbJ8I/plog-2014-plone-open-garden), we will present then discuss this with people interested by this topic. We would like also to find other people to work on this and try to build something for the end of the sprint...

If you come to Sorrento and want to share ideas regarding this with us, feel free obviously!

Gauthier