Special Characters in Password
Asked Modified Viewed 3,804 times
asked
I am a newbie in regards to PHPFusion usage. Had a question though,
How to stop users from entering special characters for password, right now special characters are allowed for passwords?
Thnx in advance.
How to stop users from entering special characters for password, right now special characters are allowed for passwords?
Thnx in advance.
answered
Hi,
I am not sure how to.
Thing is though special characters make passwords stronger.
Removing special characters from password is maybe then going to make your users passwords weaker.
Special characters is good to allow for passwords. Takes crackers way longer to crack the things I think.
I am not sure how to.
Thing is though special characters make passwords stronger.
Removing special characters from password is maybe then going to make your users passwords weaker.
Special characters is good to allow for passwords. Takes crackers way longer to crack the things I think.
answered
As Fangree Craig said, it is Risky to disallowing special characters because then it makes easy to guess the passwords...
Even then, if you want to try, then have a look at the code in your includes/classes/PasswordAuth.class.php :
[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]// Checks if new password input is valid
private function _isValidPasswordInput() {
if (preg_match("/^[0-9A-Z@!#$%&\/\(\
=\-_?+\*\.,:;]{8,64}$/i", $this->inputNewPassword)) {
return true;
} else {
return false;
}
}[/syntaxhighlighter]
Even then, if you want to try, then have a look at the code in your includes/classes/PasswordAuth.class.php :
[syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]// Checks if new password input is valid
private function _isValidPasswordInput() {
if (preg_match("/^[0-9A-Z@!#$%&\/\(\
=\-_?+\*\.,:;]{8,64}$/i", $this->inputNewPassword)) {return true;
} else {
return false;
}
}[/syntaxhighlighter]
answered
Thnx a lot. I thought that maybe special characters can lead to some sort of injections. You know as a newbie would think. It is always scary at first.
answered
Nah having these characters for passwords is fine. All good.
Have fun and good luck with your site.
Have fun and good luck with your site.
Category Forum
Announcements & Security IssuesLabels
None yet
Statistics
- Views 0 views
- Posts 4 posts
- Votes 0 votes
- Topic users 3 members
3 participants
Craig 14
- Fusioneer, joined since
- Contributed 4,462 posts on the community forums.
- Started 212 threads in the forums
Ankur 10
Hi! Its me, Ankur Thakur! 
- Veteran Member, joined since
- Contributed 1,277 posts on the community forums.
- Started 60 threads in the forums
patbrown 10
- Newbie, joined since
- Contributed 9 posts on the community forums.
- Started 4 threads in the forums
- Started this discussions
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions