goniszewski / grimoire

Bookmark manager for the wizards 🧙
https://grimoire.pro
MIT License
1.97k stars 57 forks

Remove, or document, admin password length restriction #119

Open kmanwar89 opened 1 week ago

kmanwar89 commented 1 week ago

Is your feature request related to a problem? Please describe.

As a good security practice, I use randomly-generated passwords managed by a password manager (Bitwarden). When using one such password in Grimoire, I'm met with the following error logs from the pocketbase service:


grimoire-pocketbase  | 2024-09-10T01:12:55.175718742Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:13:55.371478613Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:14:55.572790774Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:15:55.766448011Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:16:55.945744638Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:17:56.145681581Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:18:56.319280301Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:19:56.506348956Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:20:56.691433418Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:21:56.898928205Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:22:57.088636984Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:23:57.268871509Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:24:57.461991636Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:25:57.662289179Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:26:57.853196373Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes
grimoire-pocketbase  | 2024-09-10T01:27:58.041861413Z Error: Failed to apply migration 1700577970_created_admin.js: bcrypt: password length exceeds 72 bytes

This request is to formally document, or outright remove (or increase!) this password length restriction.

Describe the solution you'd like

Clearly document the password length limitation of 72 characters, increase the length limitation to 255 characters, or remove it altogether (preferred solution).

Describe alternatives you've considered

A minimum password should be enforced; a maximum password should not.

Additional context

Thank you for your work on this project, and I hope this request is considered.
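
The limit in the log lines above is counted in bytes, not characters, so a password well under 72 characters can still be rejected. A preflight check along these lines shows the difference; it is an added example, not code from Grimoire or PocketBase, and the function name and sample passwords are constructed for illustration.

```javascript
// Added example, not code from Grimoire or PocketBase.
// The 72-byte limit is the one reported in the log lines above; the function
// name and the sample passwords are constructed for illustration.
const BCRYPT_MAX_BYTES = 72;

function checkAdminPassword(password) {
  if (typeof password !== "string" || password.length === 0) {
    return { ok: false, bytes: 0, chars: 0, reason: "empty or not a string" };
  }
  // Assumption: the password reaches bcrypt UTF-8 encoded, so measure that
  // encoding. String.length counts UTF-16 code units and would under-report.
  const bytes = new TextEncoder().encode(password).length;
  const chars = Array.from(password).length; // Unicode code points
  if (bytes > BCRYPT_MAX_BYTES) {
    return {
      ok: false, bytes, chars,
      reason: `${bytes} bytes exceeds the ${BCRYPT_MAX_BYTES}-byte bcrypt limit`,
    };
  }
  return { ok: true, bytes, chars, reason: null };
}

// Constructed samples: same check, very different character counts.
const SAMPLES = [
  ["72 ASCII characters", "a".repeat(72)],
  ["73 ASCII characters", "a".repeat(73)],
  ["40 two-byte characters", "\u00e9".repeat(40)],
  ["19 four-byte emoji", "\u{1F9D9}".repeat(19)],
];

for (const [label, pw] of SAMPLES) {
  const r = checkAdminPassword(pw);
  console.log(`${label}: ${r.chars} chars, ${r.bytes} bytes ->`,
    r.ok ? "accepted" : `rejected (${r.reason})`);
}
```
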

goniszewski commented 1 week ago

Hello @kmanwar89! I’m currently focused on the new version of the app, which should resolve most of the issues we've already faced.

You may want to check it on the develop branch, as it's now mostly bug-free. There are still a couple of issues, though, so it may take a little bit of time until it's released.

kmanwar89 commented 1 week ago

Thanks! Can I offer to submit a PR to have this requirement documented regardless? I'm sure others may have differing opinions about password length, but noting that passwords > a certain length is good to know for power users.

goniszewski commented 1 week ago

That would be great!