search

joomla / joomla-cms

Home of the Joomla! Content Management System
https://www.joomla.org
GNU General Public License v2.0
4.76k stars 3.64k forks source link

After migration to 4 user password length notification when saving options #40780

Open webmasterab opened 1 year ago

webmasterab commented 1 year ago

Steps to reproduce the issue

Go to users Then to the options The password length field. (which is now on from a migration from Joomla 3) Save the options

Actual result

You will then receive the following message. screen shot 2023-06-16 at 10 50 08

Expected result

screen shot 2023-06-16 at 10 50 59

System information (as much as possible)

Additional comments

It would be better if it is already converted during the migration. The user is not affected

https://issues.joomla.org/tracker/joomla-cms/38859

zero-24 commented 1 year ago

Yes the minimum version has been increased, recommended is a minimum length of 12 in that case without complexity rules. As long as you dont change the settings they stay as they where before. We highly avoid changing settings on upgrade for all users.

But as for improving the message I agree when that information is aviable we could show it to the message.

webmasterab commented 1 year ago

Understand it. Joomla prefers not to change the settings with a migration.

It is nice if you can look to make the message clearer with the number in it.

Or below the field a message that it is possible that the number is too low comfor the new requirements of Joomla 4. With the message that it is now at least 8 or higher. But that it can be lower if you have done a migration from 3 to 4.

Or ask a question about it during the migration process.

Changing the number does not affect current saved users only new ones

zero-24 commented 1 year ago

Changing the number does not affect current saved users only new ones

that is an missunderstading. As soon as the existing users want to change the PW they have to follow the new rules too.

Or ask a question about it during the migration process.

I would say that will make it much more complex for such a little change within the user settings.

webmasterab commented 1 year ago

Okay, but it is not a problem that if a user changes their password, they must now comply with the new rules.

As long as you get a clear message why the password is not accepted.

I understand it during the migration.

zero-24 commented 1 year ago

Yes that should already be the case what would be interesting is to look to improve the message you mentiond above when saving the options from the backend

brianteeman commented 3 months ago

I believe that this unclear message is the same as with #41140