Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: [Solved]: Size limit password  (Read 4354 times)

0 Members and 1 Guest are viewing this topic.

Thom1

  • Coppermine newbie
  • Offline Offline
  • Posts: 16
[Solved]: Size limit password
« on: August 08, 2009, 05:10:41 pm »

Hi,

Before I start to explain, I'm sorry for my english and I'm sorry if this topic already exists.

I changed my admin password by another (about 40 characters) then I can't login. I thought I've made a mistake typing the pass. So I could change the password modifying the database using phpmyadmin and retry to change the password : same problem. I think there is a size limit but how can I know this size limit and why is there ?
« Last Edit: August 09, 2009, 09:32:34 am by Joachim Müller »
Logged

Nibbler

  • Guest
Re: Size limit password
« Reply #1 on: August 08, 2009, 06:21:01 pm »

Max length is 25 chars. No reason for this.
Logged

Thom1

  • Coppermine newbie
  • Offline Offline
  • Posts: 16
Re: Size limit password
« Reply #2 on: August 08, 2009, 06:26:29 pm »

Okay,

I don't care if I'm limited, but why there is no info/warn about that ?
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4885
    • Windsurf.me
Re: Size limit password
« Reply #3 on: August 08, 2009, 08:59:09 pm »

Probably because most people do not have passwords longer than 25 characters.. Follow the usual rules concerning passwords (using a mixture of characters and numbers in mixed case etc) and 25 characters will be more than secure enough.
Logged
It is a mistake to think you can solve any major problems just with potatoes.

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Size limit password
« Reply #4 on: August 09, 2009, 09:32:18 am »

The question "why is a certain feature coded in the way it is coded" usually doesn't lead to good results. The QUestion "how can I change what is bothering me" sometimes makes sense. To that question, the answer is "code it if you need it". We don't consider this a valid or usefull feature. Only people who have absolutely no idea about the security-related issues for web applications would ask such a silly question. 40 characters in a password falls into the category "needlessly long" and "needless typing effort that won't help to improve security".

I don't care if I'm limited
That's a very silly remark.

This entire thread falls into the category "flaming attempt". Locking.
Logged
Pages: [1]   Go Up
 

Page created in 0.021 seconds with 19 queries.