Support

Admin Tools

#15808 Feature Suggestion

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Thursday, 18 April 2013 20:48 CDT

Thursday, 18 April 2013 17:42 CDT

UglyEoin
Just a feature suggestion

Description of my issue:

Would it be possible to add some rules about password strength? May to make sure users are using reasonably large passwords. Perhaps at least for Super Users and Administrators?

I saw a plugin on the extensions directory, but I didn't know if it was good or not, it's got no reviews, but I thought this was quite important. I figured Admin Tools was a good place for such functionality.

What do you think? Something that might happen one day or not?

Thursday, 18 April 2013 20:48 CDT

nicholas
I disagree with such rules. Case to make a point. The following password:
correct_horse-battery_stapler
does not satisfy half of the typical rules of a strong password but it's extremely hard to brute force. Even harder to brute force:
correct cheval Batterie συρραπτικό
Combining four languages. Try brute forcing that with JtR or HashCat. It will take you months IF you have full dictionaries for all four languages and you suspect that the user may have used proper words. You get the idea.

So, what is a strong password? Not the typical password looking like line noise which is impossible to remember. A strong password is one which you can remember and is complex enough to make brute forcing counter productive. Putting automated rules for that? Good luck :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!