Contrib.social

The password validation error should not show the password score

Open on Drupal.org →
Created on 10 November 2023, about 1 year ago
Updated 27 February 2024, 9 months ago

The password validation error currently shows the password score, which is not a good user experience.

Additionally, the current implementation of the adequate_passwords_evaluate_password_strength() function uses mb_strtolower() without checking if the $username variable is null. This results in a deprecated function warning due to passing null to parameter #1 ($string) of type string.

The mb_strtolower() issue was fixed in an other issue.

🐛 Bug report
Status

Closed: won't fix

Version

1.0

Component

Code

Created by

🇷🇴Romania mihaiprodann

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @mihaiprodann
  • Comment about 1 year ago
    🇷🇴Romania mihaiprodann

    I have fixed this issue and providing a patch, please review.

  • Comment about 1 year ago
    🇷🇴Romania mihaiprodann
  • Status changed to RTBC 12 months ago
  • Comment 12 months ago
    🇷🇴Romania stefan.butura
  • Status changed to Closed: won't fix 9 months ago
  • Comment 9 months ago
    🇨🇦Canada nubeli

    The password validation error currently shows the password score, which is not a good user experience.

    This claim is debatable. Without any kind of supporting evidence, or general agreement of those using the module, I'm inclined to say I won't change this.

    I would also argue the opposite: providing some indication of the bar that must be met to have a strong-enough password is helpful, even if imperfect.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024