Description of the need
I would like a simple way to enforce more secure passwords in Backdrop core. Since a longer password is a stronger password, I would like a minimum length setting for passwords.
Proposed solution
An admin sets a minimum length for passwords
When a password is created that does not meet that minimum, a validation error is thrown asking for a longer one.
Alternatives that have been considered
This a follow up to https://github.com/backdrop/backdrop-issues/issues/4265, where at some point a minimum password length setting was added as a factor in password strength. Both @stpaultim and I recognized it as its own setting, and were surprised when setting a minimum password length still allowed passwords to be created that did not meet the minimum.
Through discussion we realized that the setting we saw -- and that I loved! -- was not intended to be used as a control on allowed password length.
I'm creating this new issue because I still want a password minimum length feature for Backdrop core.
Recent comments
Hi Enthusiast, I had that problem with a site a while back and in that case it was a hosting problem with IPv6, which didn't work properly on the server this site was on. I updated...
Error when trying to check for updates
Hi. Welcome to Backdrop. Out of the box, there are two places you can set visibility by user ID and they are related: The layout configure screen under "Visibility conditions" (admin/structure/...
Use visibility User by uid
Start with clean URLs, add Pathauto and Metatag modules, submit your XML sitemap to Google Search Console, and keep your content original and well-structured.
How to Improve SEO Performance in Backdrop CMS