Default values of Users: Options
64 views
Skip to first unread message
Arjen Schrijvers
Jul 20, 2017, 5:38:48 AM7/20/17
to Joomla! CMS Development
Today I was checking the default values of the USers: Options settings.
1. By default, the option Send Password is on in User Options. This means that a password is sent in the same email as the username.
From a securety point of view, this is not secure. Isn't it better to set Send Password by default on No
2. In the Password Options, I see that by default the minimum count of characters is 4.
From a security point of view, this is far too less. A minimum of 8 must be at least.
3.If I want to change the password of a Superuser, I get the message that it is not possible to change the password of a Super User. I understand the reason for it, but from the security point of view, we give too much info. Better is to treat it like a normal user. But the email will not be sent. Of course, we need to tell people that the link has been sent if they don't receive it check the spam folder or contact the owner of the site (Service Desk).
What do you all think of these suggestions?
1. By default, the option Send Password is on in User Options. This means that a password is sent in the same email as the username.
From a securety point of view, this is not secure. Isn't it better to set Send Password by default on No
2. In the Password Options, I see that by default the minimum count of characters is 4.
From a security point of view, this is far too less. A minimum of 8 must be at least.
3.If I want to change the password of a Superuser, I get the message that it is not possible to change the password of a Super User. I understand the reason for it, but from the security point of view, we give too much info. Better is to treat it like a normal user. But the email will not be sent. Of course, we need to tell people that the link has been sent if they don't receive it check the spam folder or contact the owner of the site (Service Desk).
What do you all think of these suggestions?
Reply all
Reply to author
Forward
0 new messages