It's not always a good idea
chx - September 25, 2008 - 19:06
| Project: | Password policy |
| Version: | 6.x-1.x-dev |
| Component: | Documentation |
| Category: | task |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
It should be documented that enforcing such a policy is only good from a technical standpoint, you are likely to end up with a situation where the users write down their super secure and super impossible to remember passwords. Help texts on how can you memorize such things (like shifting a word one row up the keyboard and so on) and maybe linking supergenpass.com might help.
#1
This module is for those websites which have to apply and enforce some password strength rules to the website. Easy to remember passwords usually are week and contradict the policy of using higher strength passwords.
Anyway there is always a password reset form in case the password is forgotten.