Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: [Solved]: Size limit password  (Read 3815 times)

0 Members and 1 Guest are viewing this topic.

Thom1

  • Coppermine newbie
  • Offline Offline
  • Posts: 16
[Solved]: Size limit password
« on: August 08, 2009, 05:10:41 pm »

Hi,

Before I start to explain, I'm sorry for my english and I'm sorry if this topic already exists.

I changed my admin password by another (about 40 characters) then I can't login. I thought I've made a mistake typing the pass. So I could change the password modifying the database using phpmyadmin and retry to change the password : same problem. I think there is a size limit but how can I know this size limit and why is there ?
« Last Edit: August 09, 2009, 09:32:34 am by Joachim Müller »
Logged

Nibbler

  • Guest
Re: Size limit password
« Reply #1 on: August 08, 2009, 06:21:01 pm »

Max length is 25 chars. No reason for this.
Logged

Thom1

  • Coppermine newbie
  • Offline Offline
  • Posts: 16
Re: Size limit password
« Reply #2 on: August 08, 2009, 06:26:29 pm »

Okay,

I don't care if I'm limited, but why there is no info/warn about that ?
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4850
    • Windsurf.me
Re: Size limit password
« Reply #3 on: August 08, 2009, 08:59:09 pm »

Probably because most people do not have passwords longer than 25 characters.. Follow the usual rules concerning passwords (using a mixture of characters and numbers in mixed case etc) and 25 characters will be more than secure enough.
Logged
It is a mistake to think you can solve any major problems just with potatoes.

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Size limit password
« Reply #4 on: August 09, 2009, 09:32:18 am »

The question "why is a certain feature coded in the way it is coded" usually doesn't lead to good results. The QUestion "how can I change what is bothering me" sometimes makes sense. To that question, the answer is "code it if you need it". We don't consider this a valid or usefull feature. Only people who have absolutely no idea about the security-related issues for web applications would ask such a silly question. 40 characters in a password falls into the category "needlessly long" and "needless typing effort that won't help to improve security".

I don't care if I'm limited
That's a very silly remark.

This entire thread falls into the category "flaming attempt". Locking.
Logged
Pages: [1]   Go Up
 

Page created in 0.015 seconds with 19 queries.