• User password problem

    From Mark i to All on Tuesday, May 24, 2022 09:05:21

    Hello. Can someone please tell me where I can find the setting for the user password length and requirements?

    My new users try to sign up when they get to creating their own password it keeps coming up the "password to obvious" message no matter what they enter. They end up dropping carrier.

    How can I change that so they can enter any password they want. I can't find it in BBS config

    Thanks
    Mark
  • From Andre@RDOMENTR to Mark i on Tuesday, May 24, 2022 12:17:24
    Re: User password problem
    By: Mark i to All on Tue May 24 2022 09:05 am

    How can I change that so they can enter any password they want. I can't find it in BBS config

    Tell them to stop trying to use 1234, 4321, ABCD, or ZYXW. Or change the hardcoded checks for that.


    - Andre

    ---
    ■ Synchronet ■ Radio Mentor BBS - bbs.radiomentor.org
  • From Mark i to Andre on Tuesday, May 24, 2022 10:53:36

    Hi. They are not using those passwords . I tried using my daughters middle name and birth date. Then just random numbers. Still get the message.

    Do you know where the hard coding is? Which file?

    Thanks
  • From Digital Man to Mark i on Tuesday, May 24, 2022 12:09:48
    Re: User password problem
    By: Mark i to All on Tue May 24 2022 09:05 am

    Hello. Can someone please tell me where I can find the setting for the user password length and requirements?

    SCFG->System:
    Users Can Change Password Yes, 4 chars minimum

    Also, the file text/password.can


    My new users try to sign up when they get to creating their own password it keeps coming up the "password to obvious" message no matter what they enter. They end up dropping carrier.

    How can I change that so they can enter any password they want. I can't find it in BBS config

    Some obvious passwords are always disallowed from str.cpp->sbbs_t::chkpass(). Here's that logic:

    if((unique && user->pass[0]
    && (strstr(pass,user->pass) || strstr(user->pass,pass)))
    || (name[0]
    && (strstr(pass,name) || strstr(name,pass)))
    || strstr(pass,alias) || strstr(alias,pass)
    || strstr(pass,first) || strstr(first,pass)
    || (last[0]
    && (strstr(pass,last) || strstr(last,pass)))
    || strstr(pass,handle) || strstr(handle,pass)
    || (user->zipcode[0]
    && (strstr(pass,user->zipcode) || strstr(user->zipcode,pass)))
    || (sysname[0]
    && (strstr(pass,sysname) || strstr(sysname,pass)))
    || (sysop[0]
    && (strstr(pass,sysop) || strstr(sysop,pass)))
    || (cfg.sys_id[0]
    && (strstr(pass,cfg.sys_id) || strstr(cfg.sys_id,pass)))
    || (cfg.node_phone[0] && strstr(pass,cfg.node_phone))
    || (user->phone[0] && strstr(user->phone,pass))
    || !strncmp(pass,"QWER",3)
    || !strncmp(pass,"ASDF",3)
    || !strncmp(pass,"!@#$",3)
    )
    {
    bputs(text[PasswordObvious]);
    return(false);
    }
    --
    digital man (rob)

    This Is Spinal Tap quote #42:
    What day the Lord created Spinal Tap and couldn't he have rested on that day? Norco, CA WX: 76.0°F, 56.0% humidity, 8 mph SSE wind, 0.00 inches rain/24hrs