Committer: gariev
LJSUP-8060: Secure password criteria needs to be revisedU trunk/bin/upgrading/en_LJ.dat U trunk/cgi-bin/ljcom.pl
Modified: trunk/bin/upgrading/en_LJ.dat =================================================================== --- trunk/bin/upgrading/en_LJ.dat 2011-03-02 04:34:02 UTC (rev 10145) +++ trunk/bin/upgrading/en_LJ.dat 2011-03-02 04:41:38 UTC (rev 10146) @@ -3012,6 +3012,8 @@ ljcom.badpass.common=Your password is based on a commonly used password. +ljcom.badpass.digits_only=Your password should not contains digits only. + ljcom.badpass.displayname=Your password cannot be based on your display name. ljcom.badpass.distinct=Your password must have at least four different characters. Modified: trunk/cgi-bin/ljcom.pl =================================================================== --- trunk/cgi-bin/ljcom.pl 2011-03-02 04:34:02 UTC (rev 10145) +++ trunk/cgi-bin/ljcom.pl 2011-03-02 04:41:38 UTC (rev 10146) @@ -761,6 +761,11 @@ return $code_words->('ljcom.badpass.ascii'); } + # contains letters (and may contain digits) + if ($password =~ /^\d+$/) { + return $code_words->('ljcom.badpass.digits_only'); + } + # at least 6 chars if (length($password) < 6) { return $code_words->('ljcom.badpass.length');