Author: mike.lifeguard+bugs
Description:
Apparently Brion ran at least once a "password cracker" (http://meta.wikimedia.org/wiki/Talk:Stewards#Proposed_security_policy). While that's useful to identify vulnerable accounts, it is perhaps best to enforce minimum password strength from the get-go.
This extension should have the ability to
- force users to reset their password every X timespan
- T27925
enforce minimum password length - T46788
enforce varying levels of password security by user group (ie admins have an intermediate level, stewards must have a high level) - T11838 Send notification to account owner on multiple unsuccessful login attempts
- maybe other stuff I've not thought about
Version: unspecified
Severity: enhancement
See Also:
T46788: Allow different password requirements by group
T27925: Increase $wgMinimalPasswordLength