Details
-
Bug
-
Resolution: Fixed
-
Low
-
None
-
None
Description
Summary
When using a password policy, it is possible to set the required password strength to one of various possible strengths. The strength of the password reported by the password change page before submitting does not show the conclusion that will be reported by the Validator.
This means that it is possible to require a "Strong" password, Show the password you are trying to use as "Very Strong", and get an error that "your password must be at least 'Strong'"
Environment
Cloud
Steps to Reproduce
- Set your Organization to require a "Strong" password.
- Using an 8-character password, ensure the password barely makes it to "Very Strong" in the interface.
- Submit this as your new password.
Expected Results
Either the password is shown to be the same strength as the validator, or the password is accepted as "Very Strong".
Actual Results
The Password is rejected as not sufficiently Strong.
Notes
N/A
Workaround
The only workaround is to use a stronger password with more characters.
Attachments
Issue Links
- is related to
-
ACCESS-105 password change page reports strength of password as stronger than the validator does
- Closed
- is superseded by
-
MEGA-4917 Loading...