Issues with password requirements...

May 14, 2006 at 7:04 AM
Hi,

I had a lot of difficulty with the password requirements.

For some reason, both these string where not accepted:

F^elon032b
00Ac^*(0

They both seem to match the verbal requirements...

Looks like a bug...
May 17, 2006 at 6:46 AM
Yes, it's a bug. We deployed some updates today though, so the passwords you mention should work now.

Of course, it would probably be ill-advised to actually use those particular ones now that they are posted for the world. :-)
May 17, 2006 at 5:46 PM
what's up with such a complicated passwords anyway?
its not that it's the cia web site...
May 17, 2006 at 10:43 PM
Also - the error for why the passwords aren't getting accepted isn't clear:

"New password is in an invalid format.
Confirm password is in an invalid format."


May 17, 2006 at 11:32 PM
Obviously we need strong passwords to make sure nobody can hack in and access your open source code. ;-)

We'll fix it in our next deployment. What would be good? A six character minimum with no other constraints?
May 18, 2006 at 12:10 AM
I think having semi-strong passwords is fine actually. I think as long as the password page says what the requirement is, you're fine.

6 character minimum, maybe with one non-alpha character or whatever, should do.
May 24, 2006 at 6:19 PM
This discussion has been copied to Work Item 175. You may wish to continue further discussion there.