Opened 9 years ago

Closed 7 years ago

#3062 closed defect (fixed)

[patch] Remove arbitrary maxlength from UserCreationForm and PasswordChangeForm password fields

Reported by: Collin Grady <cgrady@…> Owned by: nobody
Component: Contrib apps Version:
Severity: normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

At present, UserCreationForm and PasswordChangeForm have arbitrary maxlengths on the input fields for the password (and not even the same max).

As the auth code itself has no such max length limit, this serves no purpose but to cause longer passwords to fail. While not a common occurance, it did recently pop up, so there is at least some need for longer passwords :)

Attachments (2)

password-maxlength-removal.patch (1.7 KB) - added by Collin Grady <cgrady@…> 9 years ago.
password-maxlength-removal.2.patch (2.3 KB) - added by Collin Grady <cgrady@…> 9 years ago.
new patch, missed a few maxlengths before

Download all attachments as: .zip

Change History (6)

Changed 9 years ago by Collin Grady <cgrady@…>

comment:1 Changed 9 years ago by Collin Grady <cgrady@…>

  • Summary changed from [path] Remove arbitrary maxlength from UserCreationForm and PasswordChangeForm password fields to [patch] Remove arbitrary maxlength from UserCreationForm and PasswordChangeForm password fields

Changed 9 years ago by Collin Grady <cgrady@…>

new patch, missed a few maxlengths before

comment:2 Changed 8 years ago by Simon G. <dev@…>

  • Triage Stage changed from Unreviewed to Design decision needed

comment:3 Changed 8 years ago by ubernostrum

  • Triage Stage changed from Design decision needed to Accepted

The auth forms need to be rewritten for newforms anyway and this can be done as part of that refactoring, but there are some tricky dependencies. Collin, do you feel like taking that on?

comment:4 Changed 7 years ago by lukeplant

  • Resolution set to fixed
  • Status changed from new to closed

(In [8180]) Fixed #3062 - removed arbitrary and unneeded max_length on password fields in auth forms.

Note: See TracTickets for help on using tickets.
Back to Top