Password not complex enough

[Philipp at UiT]

For one of our sub-dataverses we use an external registration form where researchers from outside our institution can sign up for an account. The registration form automatically generates a password complying to the Dataverse requirement, i.e. at least one letter, at least one number, and at least 6 characters of length. The user information is sent to the user, and we then create an account on behalf of the new user. However, for our latest user the generated password was GCRS518, and Dataverse did not accept this password. I had to change it to gcrs518. So, does this mean that at least one letter has to be lower case?

Best,

Philipp

[Philip Durbin]

I feel like I've head this bug report before, probably in the context of https://github.com/IQSS/dataverse/issues/3150 , but I don't think it's being tracked anywhere. If you'd like to create a GitHub issue, please go ahead.

For what it's work, I just tested it locally by adding `toUpperCase` in the `getPassword` method used by the `BuiltinUsersIT` test and I'm seeing even stranger behavior via the API. One can create the account with an "all uppercase" password but then you can't use it. Very strange. There's a bug in there.

Phil

--
You received this message because you are subscribed to the Google Groups "Dataverse Users Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dataverse-community+unsub...@googlegroups.com.
To post to this group, send email to dataverse-community@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dataverse-community/097c7aed-ae1b-4cb3-bf92-0e6ec5dda660%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Philip Durbin
Software Developer for http://dataverse.org
http://www.iq.harvard.edu/people/philip-durbin