Enhancement for future release?

Worker Joined: Aug 02, 2004 Posts: 165

Quote:

Background:
- Password policy in place = Current policy says that password has to be at least 10 characters long.

However, when you will recover password via Your_Account&op=pass_lost function, it doesn't follow the password length policy. Instead it will generate weaker password.

Would it be possible to add following security enhancement to upcoming versions so this would benefit all rvn-users by default?

Code:

Your_Account/includes/functions.php and find the YA_MakePass() function.





for ($x = 0; $x < $ya_config['pass_min']; ++$x) {


+ 


$strs = 'aAbBcC2dDeEfF3gGhHjJ4kKmMnN5oOpPqQ6rRsStT7uUvVwW8xXyYzZ9!@#$%-+';

Posted: Thu Mar 21, 2013 7:09 am

Sounds good crypto! I've saved this off to remind me to enter it into our tracking system.