name / passwords check not working as expected

Created on 10 February 2024, 11 months ago
Updated 5 March 2024, 10 months ago

Problem/Motivation

When I perform the name/password check (Drupal 10.2.3), it incorrectly indicates to each user that their password matches their username, even though it does not.

Steps to reproduce

perform the name/password check

Proposed resolution

A look into the name_passwords.batch.inc, line 35, shows that the regular password is used for authentication. Shouldn't an attempt be made to use the username as the password here, or am I mistaken?

something like:

    if ($user_auth->authenticate($user->getDisplayName(), $user->getDisplayName())) {
      $findings[] = $user->getDisplayName();
    }


If I adjust the mentioned line as described above, then the test works as expected.

πŸ› Bug report
Status

Fixed

Version

3.0

Component

Code

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024