-
Bug
-
Resolution: Fixed
-
Low
-
10.109.2
-
2
-
Severity 3 - Minor
-
No
Issue Summary
External users registering on an Ideation external link are able to create passwords with no password strength policies enforced, only a 50 characters limit is enforced.
However, password policies are enforced when a password reset is initiated by an external user.
Same password policies during password reset need to be applied at the point of registration.
Steps to Reproduce
- As a Super Admin, browse to Ideation, setup any Ideation Group then make it public
- Copy its External Link
- Launch a new incognito browser window or tab
- Browse to External Link
- Click Register
- Fill in all required details including desired password
- Use a password with no alphanumeric combination or special characters e.g. "mypass"
Expected Results
User registration fails as password inputted does not validate based on rules like;
- minimum length of 8 characters
- at least 1 numeric value
- at least 1 uppercase value
Actual Results
User registration is completed successfully
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
- is related to
-
ALIGNSP-14802 Loading...