name / passwords check not working as expected

Created on 10 February 2024, 10 months ago

Updated 5 March 2024, 9 months ago

Problem/Motivation

When I perform the name/password check (Drupal 10.2.3), it incorrectly indicates to each user that their password matches their username, even though it does not.

Steps to reproduce

perform the name/password check

Proposed resolution

A look into the name_passwords.batch.inc, line 35, shows that the regular password is used for authentication. Shouldn't an attempt be made to use the username as the password here, or am I mistaken?

something like:

    if ($user_auth->authenticate($user->getDisplayName(), $user->getDisplayName())) {
      $findings[] = $user->getDisplayName();
    }

If I adjust the mentioned line as described above, then the test works as expected.

🐛 Bug report

Status

Fixed

Version

3.0

Component

Code

Created by

codaBAM

Live updates comments and jobs are added and updated live.

Incomplete comments

Merge Requests

!53name / passwords check not working as expected
Merged
🇺🇸United States smustgrave
updated 9 months ago

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment 10 months ago →
🇳🇴Norway gisle Norway
First commit to issue fork.
Merge request !53Resolve #3420553 "Name passwords" → (Merged) created by smustgrave
Status changed to Needs review 9 months ago6:47pm 14 February 2024
Comment 9 months ago →
🇺🇸United States smustgrave
Comment 9 months ago →
System Message

smustgrave → committed 8e64987d on 3.0.x
Resolve #3420553 "Name passwords"
Status changed to Fixed 9 months ago4:01pm 15 February 2024
Comment 9 months ago →
🇺🇸United States smustgrave
Want to include in a rc3 release
Comment 9 months ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024