Password Length Tooltip Mismatch After AppSettings Change in Umbraco 10.8.3

[kometa333]

Which Umbraco version are you using? (Please write the exact version, example: 10.1.0)

10.8.3

Bug summary

After altering the appsettings.json to require a 16-character minimum for passwords as shown below: "Security": { "UserPassword": { "RequiredLength": 16 } } I noticed that while the system's functionality and the error prompts on the CMS password update interfaces have reflected this change, the guidance tooltip "newPasswordFormatLengthTip" displayed on the page following a password reset link – which is sent via email – has not. The text there still continues to advise a 10-character minimum.

Specifics

No response

Steps to reproduce

1. Open the appsettings.json file located in the root directory of the Umbraco installation.
2. Navigate to the Security section and locate the UserPassword configuration. Modify the RequiredLength under UserPassword to 16, to enforce a 16-character minimum length for passwords. The modified section should look like this: json Copy code "Security": { "UserPassword": { "RequiredLength": 16 } }
3. Save the changes to the appsettings.json file and ensure the Umbraco application is restarted to apply the changes.
4. Navigate to the CMS password update interface to trigger a password reset email.
5. Follow the password reset link sent via email to the password reset page.
6. Observe the guidance tooltip next to the password input field.

Expected result / actual result

Expected Result: The guidance tooltip, identified by the key newPasswordFormatLengthTip, should display information consistent with the appsettings.json configuration, advising users to enter a password with a minimum of 16 characters.

Actual Result: Despite the appsettings.json file being updated to require a 16-character minimum for passwords, the guidance tooltip still advises users to enter a password with a minimum of 10 characters.

[github-actions[bot]]

Hi there @kometa333!

Firstly, a big thank you for raising this issue. Every piece of feedback we receive helps us to make Umbraco better.

We really appreciate your patience while we wait for our team to have a look at this but we wanted to let you know that we see this and share with you the plan for what comes next.

• We'll assess whether this issue relates to something that has already been fixed in a later version of the release that it has been raised for.
• If it's a bug, is it related to a release that we are actively supporting or is it related to a release that's in the end-of-life or security-only phase?
• We'll replicate the issue to ensure that the problem is as described.
• We'll decide whether the behavior is an issue or if the behavior is intended.

We wish we could work with everyone directly and assess your issue immediately but we're in the fortunate position of having lots of contributions to work with and only a few humans who are able to do it. We are making progress though and in the meantime, we will keep you in the loop and let you know when we have any questions.

Thanks, from your friendly Umbraco GitHub bot :robot: :slightly_smiling_face:

[NguyenThuyLan]

Thanks @kometa333 for reporting this issue. I can confirm this is a bug we want to fix. This is password length tooltip that is need to be fix.

[NguyenThuyLan]

Sorry, I just checked the LTS & EOL status for Umbraco CMS. Umbraco 10 entered the security phase on June 16, 2024. The issue has been fixed in version 13. You can upgrade to Umbraco 13. Therefore, I will close this issue.