I am a newbie in regards to PHPFusion usage. Had a question though, How to stop users from entering special characters for password, right now special characters are allowed for passwords?
Thing is though special characters make passwords stronger. Removing special characters from password is maybe then going to make your users passwords weaker. Special characters is good to allow for passwords. Takes crackers way longer to crack the things I think.
As Fangree Craig said, it is Risky to disallowing special characters because then it makes easy to guess the passwords...
Even then, if you want to try, then have a look at the code in your includes/classes/PasswordAuth.class.php : [syntaxhighlighter brush=php,first-line=1,highlight=0,collapse=false,html-script=false]// Checks if new password input is valid private function _isValidPasswordInput() { if (preg_match("/^[0-9A-Z@!#$%&\/\(\=\-_?+\*\.,:;]{8,64}$/i", $this->inputNewPassword)) { return true; } else { return false; } }[/syntaxhighlighter]
Thnx a lot. I thought that maybe special characters can lead to some sort of injections. You know as a newbie would think. It is always scary at first.