search

tales / tales-client

Moved to https://gitlab.com/tales/tales-client
http://www.manasource.org/
GNU General Public License v2.0
13 stars 5 forks source link

Check if the password is empty - Fixes #19 #24

Closed Schaefers closed 9 years ago

Schaefers commented 9 years ago

check if the password is empty

Schaefers commented 9 years ago

maybe change the displayed message..

Ablu commented 9 years ago

I think we should better check for a certain length (like at least 4 characters?) and then display a message like "The password must be at least X characters"... But not sure what a good length would be to require...

Ablu commented 9 years ago

For the commit message. Better write "Check if the password is empty" into the first line and "Fixes #19." into the second one.

That allows me to read the git log without checking what that issue was again.

jtoelke commented 9 years ago

Please don't require a password longer than 4 characters. I always get annoyed when I register somewhere and get requirements for my password, like a certain length or certain amount of digits and special characters. Also, I prefer "asdf" while on my local testing server, because that's quick to get in.

bjorn commented 9 years ago

I think minimum/maximum password lengths could only be checked by the server. These options are already available in the example manaserv.xml but don't seem to be used. Client-side I think it suffices to make sure the user has typed in at least something.

atheros commented 9 years ago

for local testing case a save password feature or some sort of remember me (not using a password) would make more sens I think, but while it isn't there, 4 digits seems ok

Ablu commented 9 years ago

The server cannot check this since it is transferred hashed only. So the server has no chance to know either the password or the length.

On 22/11/14 20:44, Thorbjørn Lindeijer wrote:

I think minimum/maximum password lengths could only be checked by the server. These options are already available in the example |manaserv.xml| but don't seem to be used. Client-side I think it suffices to make sure the user has typed in at least something.

— Reply to this email directly or view it on GitHub https://github.com/tales/tales-client/pull/24#issuecomment-64092706.

bjorn commented 9 years ago

The server cannot check this since it is transferred hashed only. So the server has no chance to know either the password or the length.

Ah, good point. :-)

Ablu commented 9 years ago

Saving a password also makes sense for a public server. Especially on mobile I never have to enter my password anywhere more than once...

But for local test server i would prefer to simply disable the entire password authentication and automatically login as admin. But thats a different thing.

So I think 4 characters are fine for now.

On 22/11/14 20:54, Przemysław Grzywacz wrote:

for local testing case a save password feature or some sort of remember me (not using a password) would make more sens I think, but while it isn't there, 4 digits seems ok

— Reply to this email directly or view it on GitHub https://github.com/tales/tales-client/pull/24#issuecomment-64093031.

Schaefers commented 9 years ago

should be fine now.

Ablu commented 9 years ago

Pushed as 4cfdbb806f0c734d5297e499856513b4d2309a5e. I added a . After the Fixes #19 line while pushing.

Thanks a lot for the fix!