[QA] random passwords are now half the size, compared to 2.2.0

[jnweiger]

Seen with 2.3.0-rc.1 and core 10.15.0-rc.3

• enable openidconnect
• connect to keycloak
• create a few new users in keycloak
• in owncloud, log in with one of the new users.
• generatePassword: produces a 32 char random string that looks like e.g. t+zl0j9rKhRZmkhXFAclrEbPmbwvBDwN, whereas the code in 2.0.1 would produce a 64 char string e.g. efaf730f29caf7bc0649b9ad879a77988525b7e4c68b26ea916d4c83f9382435
• Entropy is possibly improved a bit by allowing a larger character range. But it could be much more improved by keeping the length the same. BAD.

The change was introduced by this commit:

282

[jnweiger]

Question: How is this change related to the password policy app?

• The code seems to work exactly the same, with password policy disabled, uninstalled, or enforcing more special characters or different special characters than the random strings have. Is this the intended bahaviour?

[jnweiger]

No negative effects seen during QA, not a release blocker.

[DeepDiver1975]

in case the password policy app is enabled passwords are now generated based on the password policy.

in case the password policy app is not enabled the password is generated just like before -> case closed