Page MenuHomePhabricator
Create Task
Maniphest T285153

Verify we allow any printable Unicode character in a password
Open, Needs TriagePublic
Actions

Description

ASVS v4.0.2-2.1.4 requires doing this as a "best practice" - https://github.com/OWASP/ASVS/blob/v4.0.2/4.0/OWASP%20Application%20Security%20Verification%20Standard%204.0.2-en.pdf

Verify that any printable Unicode character, including language neutral characters such as spaces and Emojis are permitted in passwords

We should write some tests to confirm this functionality :)

Event Timeline

Reedy created this task.Jun 18 2021, 4:03 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 18 2021, 4:03 PM
Reedy renamed this task from Verify we allowed any printable Unicode character in a password to Verify we allow any printable Unicode character in a password.Jun 18 2021, 4:16 PM
Reedy added a project: MediaWiki-Core-AuthManager.
Reedy updated the task description. (Show Details)
RhinosF1 subscribed.Jun 18 2021, 4:18 PM
Reedy removed a project: Security-Team.Jun 21 2021, 2:28 PM
TheresNoTime removed a subscriber: RhinosF1.Dec 15 2022, 11:35 PM
Jdlrobson moved this task from Backlog to Functional on the MediaWiki-User-login-and-signup board.Jul 13 2023, 4:11 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL