Password too weak suggestion

[Lindsey_]

I submitted this as a bug report but it's not a bug :P

Users should not be able to use their username as their password at all.

Even a better idea... is to add a 'password too weak' notification area :)

[Amy T]

I thought I saw another topic like this and yes I agree totally.

[TrixieTang]

Posted this along with another suggestion yesterday actually. ^^;;;

http://forums.invisionpower.com/index.php?showtopic=276811

[Amy T]

I thought I had seen it before and it is a good idea in my opinion.

[AndyF]

I've seen (in cpanel at least, probably elsewhere but I cannot remember) , it warns you via a bar if the password is too weak.

But +1 for not allowing a member to choose a password that matches either their display name or login name (if using name logins)

:)

[Jaggi]

yea a password strength bar would be good.

[Cybertimber2009]

I hate with a passion when a website decides for you what is strong/weak. I don't often have a problem with it what I use though.

Not allowing your name, username, and some other basic info items is one thing, but also consider the fact that that user is making that decision to be insecure. Inform them that "hey, this isn't a good choice" and let them chose to continue.

[Olivier Turbis]

Well... some people think their password is completely secure just because it's "lol5". A password meter shouldn't stop you from chosing this password, it should just warn you.

Btw, Elad Nava made such a mod not so long ago.

[Jυra]

This sounds good maybe, but I can't say I want my forum playing mommy with new members. Some users might not want a fancy password either. It may lead to forums getting less members.

[TrixieTang]

As I suggested, the admin should set whether a strong pass is required, and if so, how strong.

Some forums have more of a need for strong passwords, others don't.

And that way, you can blame the admin of a forum rather than IPS if they require a strong password. :lol: