Forums » Feature Requests to Experts

Password complexity

    • 49 posts
    September 17, 2020 10:02 AM EDT

    I hope SEPHP developer add this feature so admin can set Password complexity.

    The complexity of the password makes new users back off from registering on the website.

     


    This post was edited by Arazindo at September 17, 2020 10:05 AM EDT
    • Moderator
    • 5320 posts
    September 17, 2020 10:52 AM EDT

    We have been asked this before. It would be good to search before posting. As we said, the reason this was changed is from a top security audit from an external security firm. Changing it to allow insecure passwords would again get us bad marks for security and open your site up to hack issues which would be a liability. Please get this implemented by a third party expert but please note that SocialEngine discourages going against the security firm's audit.

    • Moderator
    • 5320 posts
    September 17, 2020 10:52 AM EDT

    Topic moved to feature requests to experts.

    • 49 posts
    September 17, 2020 5:01 PM EDT

    Ok thank you Donna, you can consider implement brute force protection so admin can choose if she/he want to use secure password or brute force protection, or both

    • Moderator
    • 5320 posts
    September 17, 2020 5:57 PM EDT

    I'm not sure what you want but we have this setting already, "Block Account on Unsuccessful Login Attempts" which you can set to Yes or No. If set to Yes, you can choose how many unsuccessful logins they get.

     

    Also, regarding the password complexity issue, in another thread someone had posted how to make it insecure again if you prefer to put the simple password back. Not sure if that's what you want but it should be in a thread if you check around.