Password resetting issues…. I'll pay you to fix this Daniel.

There are two major issues in the password resetting cycle that are giving me headaches. And I don’t appreciate headaches….

Issue 1:
The required password settings are completely arbitrary. There is virtually no set of feasible parameters that will ensure the acceptance of a password, except for making it longer than the Mississippi.

Issue 2:
There is no visual or written feedback when a unacceptable or acceptable password is entered. In the case of a bad password the user is simply sent back to the login page and then faced with a “wrong username/password” message after using the password they just generated. And they have no idea what the issue is.

I tried this myself. I used the following tool to generate a password that fulfills the requirements you state: https://www.gaijin.at/olspwgen.php

I used the following settings:
https://i.imgur.com/02vFP9u.png

The passwords generated thus have:

• 10 characters
• a capital letter
• a small letter
• a number
• as well as a special character

One password I received was: Hdhx\vogp/
This would fulfill the requirements you’ve stated. Yet it wasn’t accepted.

Another password I received was: K?v(x8%veg
This was accepted.

From both my view, and especially from the view of the average paying customer of mine, this is not acceptable. There’s just no way a user can be expected to understand what’s going on here.

I need to keep every process so dead simple that no real thought process is required on the user’s side. Otherwise users will pretty much immediately give up and turn to support when something doesn’t work. That’s when my headaches start acting up again.

So please, have some compassion for my head and help me figure this out.

I’m not asking you to do this for free. I’ll gladly pay you for your work. But please understand that I need to get this done. ASAP. My only alternative to you doing this is to contract it out to somebody else. Which would be a pity, after all, it is your work in the plugin. And it’s great sans the issues mentioned.

What would the best solution be?

Ideally, I would like to be able to lower the password requirements or drop them completely from the plugin. I am willing to accept the dangers of my users having weak passwords, as in my specific case, they have little ways of wreaking havoc. On the upside, it would make life a lot easier for everyone involved.

Alternatively I’d love to see the password requirements lowered to a level where I can implement a password generating tool that will deliver 100% acceptable passwords.
Then, all the user has to do is press “generate password”, copy and paste. What a wonderful thing that would be.

Please get in touch with me Daniel. My email is oneninetyeight @?gmail.com

Thanks,
Steve.

https://www.ads-software.com/plugins/login-security-solution/