[wp-trac] [WordPress Trac] #23494: impossible to log in with password containing leading or trailing spaces
WordPress Trac
noreply at wordpress.org
Tue Mar 26 12:11:36 UTC 2013
#23494: impossible to log in with password containing leading or trailing spaces
-------------------------------------+-----------------------
Reporter: mich1 | Owner: westi
Type: defect (bug) | Status: accepted
Priority: high | Milestone: 3.6
Component: Users | Version: 2.5
Severity: major | Resolution:
Keywords: needs-patch 2nd-opinion |
-------------------------------------+-----------------------
Changes (by westi):
* status: new => accepted
* severity: normal => major
* component: General => Users
* priority: normal => high
* owner: => westi
* milestone: Awaiting Review => 3.6
* keywords: => needs-patch 2nd-opinion
Comment:
This is kind of sucky because we now have this easy to get into situation:
# Change password to a passphrase with a space on the end or begining
# Lock yourself out and have to go through the password reset dance.
Currently all these users are "locked out" so we don't have to support
their passwords but we should either support them by removing the trim in
{{{wp_authenticate()}}} or add a trim in {{{wp_set_password}}} to match
the other trim so that users can't get themselves into this confusing
mess.
Marking for 3.6 as I think we should resolve this sooner rather than later
as the use of pass phrases is becoming more common and I am seeing more
reports of this issue.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23494#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list