From: Gergő Tisza
Date: Thu, 20 Dec 2018 22:51:14 +0000 (-0800)
Subject: Simplify default password policy
X-Git-Tag: 1.34.0-rc.0~3184
X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=commitdiff_plain;h=a183aee89e506183323b905153b302d54cd34d49
Simplify default password policy
* Remove PasswordNotInLargeBlacklist => false, it's a no-op
* Deduplicate PasswordCannotMatchUsername
* Remove PasswordCannotBePopular. There is no point in using both PasswordCannotBePopular (top 10K passwords from SecLists) and PasswordNotInLargeBlacklist (top 100K passwords from SecLists), and the CDB lookup is probably not that cheap.
Change-Id: I868846931988b88f06800e42861e82e2bb0bc427
---
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index b78da06381..7f0f59d5ca 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -4500,28 +4500,21 @@ $wgPasswordPolicy = [
 'bureaucrat' => [
 'MinimalPasswordLength' => 10,
 'MinimumPasswordLengthToLogin' => 1,
- 'PasswordCannotMatchUsername' => true,
- 'PasswordCannotBePopular' => 25,
 'PasswordNotInLargeBlacklist' => true,
 ],
 'sysop' => [
 'MinimalPasswordLength' => 10,
 'MinimumPasswordLengthToLogin' => 1,
- 'PasswordCannotMatchUsername' => true,
- 'PasswordCannotBePopular' => 25,
 'PasswordNotInLargeBlacklist' => true,
 ],
 'interface-admin' => [
 'MinimalPasswordLength' => 10,
 'MinimumPasswordLengthToLogin' => 1,
- 'PasswordCannotMatchUsername' => true,
- 'PasswordCannotBePopular' => 25,
 'PasswordNotInLargeBlacklist' => true,
 ],
 'bot' => [
 'MinimalPasswordLength' => 10,
 'MinimumPasswordLengthToLogin' => 1,
- 'PasswordCannotMatchUsername' => true,
 'PasswordNotInLargeBlacklist' => true,
 ],
 'default' => [
@@ -4529,7 +4522,6 @@ $wgPasswordPolicy = [
 'PasswordCannotMatchUsername' => true,
 'PasswordCannotMatchBlacklist' => true,
 'MaximalPasswordLength' => 4096,
- 'PasswordNotInLargeBlacklist' => false,
 ],
 ],
 'checks' => [
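Review bot: With `'PasswordCannotMatchUsername' => true` removed from the 'bureaucrat', 'sysop', 'interface-admin' and 'bot' entries in the first hunk, these privileged groups now get that check only through 'default' — assuming group policies are merged with 'default', which the commit message implies but the merge code is outside this diff. A site that relaxes the 'default' entry in its own settings would then relax it for privileged accounts too, where previously the per-group value kept it on. A comment above the group entries would make this dependency visible, e.g. `// PasswordCannotMatchUsername is inherited from 'default'; re-add it per group if 'default' is relaxed.` The same reasoning applies to dropping `'PasswordCannotBePopular' => 25`: the groups now rely solely on `PasswordNotInLargeBlacklist`, so it is worth confirming that list covers every entry the popular-password check rejected. The $wgPasswordPolicy array starts and ends outside the hunk.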