Skip to content

Limit password length (at a reasonable length) #13491

New issue
New issue
Closed
#13494
Closed
Limit password length (at a reasonable length)#13491
#13494
Assignees
tsteur
Labels
c: SecurityFor issues that make Matomo more secure. Please report issues through HackerOne and not in Github.
Milestone
3.8.0
@Findus23

Description

@Findus23
Findus23
opened on Sep 27, 2018

related to #10235 and partly reverses #10349
reported in 415304

While long passwords are definitely more secure, allowing 200 000 character and more character long password makes it possible to DDOS the server.

So I'd propose to reintroduce a password limit, but at a reasonable length (maybe 200 characters)

Metadata

Metadata

Assignees

Labels

c: SecurityFor issues that make Matomo more secure. Please report issues through HackerOne and not in Github.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions