[aur-dev] [PATCH] Increase minimum password length to 8 characters
Alex Muller
alex at mullr.net
Tue Jan 3 23:03:35 UTC 2017
> Since this is also in the patch, I would not really include these
> paragraphs in
> the patch since they are not all that necessary to be that verbose about
> it.
Removed a bit of the context from the commit message.
> I would change this to "Fixes: FS#52297" instead.
Updated to just "Relates to" because I'd like to see the codebase stop
using MD5 for passwords before I consider that fixed :)
Patch follows, thanks for your help!
>From d1cffe291c93073f62272c17aae1346dfabe4f55 Mon Sep 17 00:00:00 2001
From: Alex Muller <alex at mullr.net>
Date: Mon, 2 Jan 2017 11:09:44 +0000
Subject: [PATCH] Increase minimum password length to 8 characters
There are 95 printable ASCII characters which with a minimum length
of 4 gives 95^4 or 81 million possible passwords. Increasing the
minimum length to 8 increases the number of possible passwords by
a factor of about 10^7.
Relates to FS#52297.
Signed-off-by: Alex Muller <alex at mullr.net>
---
conf/config.proto | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/conf/config.proto b/conf/config.proto
index 96fad80..63e2458 100644
--- a/conf/config.proto
+++ b/conf/config.proto
@@ -9,7 +9,7 @@ password = aur
[options]
username_min_len = 3
username_max_len = 16
-passwd_min_len = 4
+passwd_min_len = 8
default_lang = en
sql_debug = 0
max_sessions_per_user = 8
--
2.11.0
More information about the aur-dev
mailing list