Output polluted when resetting a user password via occ and it does not fit the password policy

owncloud / password_policy

🛡️ Define password policies for user and public link passwords

GNU General Public License v2.0

6 stars 6 forks source link

Output polluted when resetting a user password via occ and it does not fit the password policy #48

Open davitol opened 6 years ago

davitol commented 6 years ago

Steps

Login as admin
Enable rule password must be different than your previous 3 passwords
Create a user "user1" with password "pwd"
Login as "user1"
Run ./occ user:resetpassword user1 and set the same password "pwd"

screen shot 2018-07-13 at 09 23 07

screen shot 2018-07-13 at 08 44 01

phil-davis commented 6 years ago

Yes, other commands output just a message, like the red part. It would be nice not to have the line 33 line 67 stuff.

PVince81 commented 6 years ago

on the other, if we do it like on Linux, an admin is allowed to set passwords that don't match the rules but get only a warning

PVince81 commented 6 years ago

does user management let the admin set passwords from history ?

phil-davis commented 6 years ago

No, it gives back the same messages - enforces password policies (length...) and history. Although the admin should be very unlikely in practice to "accidentally" set a new password for a user that happens to be one of the user's old passwords.