Page MenuHomePhabricator
Create Task
Maniphest T227237

Create PasswordCannotMatchEmail password policy
Open, Needs TriagePublic
Actions

Description

A password policy for PasswordCannotMatchEmail to go with PasswordCannotMatchUsername seems a reasonable mitigation/prevention

Event Timeline

Reedy created this task.Jul 3 2019, 11:17 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 3 2019, 11:17 PM
MarcoAurelio awarded a token.Jul 4 2019, 12:04 AM
MarcoAurelio subscribed.
Ammarpad subscribed.Apr 10 2020, 1:47 PM

I think it was not added because email is not public like username (and not even required).

Reedy added a comment.Apr 10 2020, 1:53 PM
In T227237#6046146, @Ammarpad wrote:

I think it was not added because email is not public like username (and not even required).

Neither is your password?

Tonymetz subscribed.Apr 29 2024, 5:21 AM
Tonymetz added a comment.Apr 29 2024, 5:30 AM

@Reedy is this still relevant? It seems similar to includes/password/PasswordPolicyChecks.php L95 checkPasswordCannotBeSubstringInUsername()

I'm looking for a good first contribution and this would be a good fit.

Tonymetz added a project: good first task.Apr 29 2024, 9:50 PM
Aklapper removed a project: good first task.Apr 29 2024, 10:27 PM

@Tonymetz: A good first task is a self-contained, non-controversial task with a clear approach. It should be well-described with pointers to help a completely new contributor. Please add details what exactly has to happen where and how for a new contributor, and then add back the good first task project tag. Thanks a lot in advance!

Tonymetz added a comment.Apr 29 2024, 10:30 PM

thanks for the guidance I may take this one. I'll improve the docs if it's better suited for the tag. I appreciate the guidance.

Zabe subscribed.May 5 2024, 1:26 PM
Tonymetz unsubscribed.Wed, Jan 28, 12:32 AM
Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptWed, Jan 28, 12:32 AM
OWresch-WMF moved this task from Inbox, needs triage to Q3 Kanban Board on the MediaWiki-Platform-Team board.Mon, Feb 2, 3:49 PM
OWresch-WMF edited projects, added MediaWiki-Platform-Team (Q3 Kanban Board); removed MediaWiki-Platform-Team.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits