From af35245f97a42bd5aa8d324a58481c50688cc9f9 Mon Sep 17 00:00:00 2001 From: Maxime Culea Date: Sun, 2 Oct 2016 13:28:02 +0200 Subject: [PATCH 1/5] Change password hint string depending on password complexity exemption length. --- login-security-solution.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/login-security-solution.php b/login-security-solution.php index 67e1437..5081a95 100644 --- a/login-security-solution.php +++ b/login-security-solution.php @@ -759,7 +759,11 @@ public function login_message($out = '') { */ public function password_hint($hint = '') { $this->load_plugin_textdomain(); - return $this->hsc_utf8(sprintf(__("The password should either be: A) at least %d characters long and contain upper and lower case letters (except languages that only have one case) plus numbers and punctuation, or B) at least %d characters long. The password can not contain words related to you or this website.", 'login-security-solution'), $this->options['pw_length'], $this->options['pw_complexity_exemption_length'])); + if ( apply_filters( 'pw_complexity_exemption_length\activation', true ) ) { + return $this->hsc_utf8(sprintf(__("The password should either be: A) at least %d characters long and contain upper and lower case letters (except languages that only have one case) plus numbers and punctuation, or B) at least %d characters long. The password can not contain words related to you or this website.", 'login-security-solution'), $this->options['pw_length'], $this->options['pw_complexity_exemption_length'])); + } else { + return $this->hsc_utf8(sprintf(__("The password should at least be %d characters long and contain upper and lower case letters (except languages that only have one case) plus numbers and punctuation. The password can not contain words related to you or this website.", 'login-security-solution'), $this->options['pw_length'])); + } } /** From 1363bb20eb97f5998e134ecd20d73065f4ceae81 Mon Sep 17 00:00:00 2001 From: Maxime Culea Date: Sun, 2 Oct 2016 13:31:26 +0200 Subject: [PATCH 2/5] Add E CASE password error string depending on password complexity exemption length. --- login-security-solution.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/login-security-solution.php b/login-security-solution.php index 5081a95..573788e 100644 --- a/login-security-solution.php +++ b/login-security-solution.php @@ -2020,7 +2020,11 @@ protected function msg($code) { case self::E_ASCII: return __("Passwords must use ASCII characters.", 'login-security-solution'); case self::E_CASE: - return sprintf(__("Passwords must either contain upper-case and lower-case letters or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); + if ( apply_filters( 'pw_complexity_exemption_length\activation', true ) ) { + return sprintf(__("Passwords must either contain upper-case and lower-case letters or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); + } else { + return __("Passwords must contain upper-case and lower-case letters.", 'login-security-solution'); + } case self::E_COMMON: return __("Password is too common.", 'login-security-solution'); case self::E_DICT: From 14de391e3d6529554925e71845d543600c973694 Mon Sep 17 00:00:00 2001 From: Maxime Culea Date: Sun, 2 Oct 2016 13:33:09 +0200 Subject: [PATCH 3/5] Add E NUMBER password error string depending on password complexity exemption length. --- login-security-solution.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/login-security-solution.php b/login-security-solution.php index 573788e..8e66b2a 100644 --- a/login-security-solution.php +++ b/login-security-solution.php @@ -2032,7 +2032,11 @@ protected function msg($code) { case self::E_EMPTY: return __("Password not set.", 'login-security-solution'); case self::E_NUMBER: - return sprintf(__("Passwords must either contain numbers or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); + if ( apply_filters( 'pw_complexity_exemption_length\activation', true ) ) { + return sprintf(__("Passwords must either contain numbers or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); + } else { + return __("Passwords must contain numbers.", 'login-security-solution'); + } case self::E_PUNCT: return sprintf(__("Passwords must either contain punctuation marks / symbols or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); case self::E_REUSED: From 7c59c55a1978b818697b1a67890478ea10ec2ba3 Mon Sep 17 00:00:00 2001 From: Maxime Culea Date: Sun, 2 Oct 2016 13:35:05 +0200 Subject: [PATCH 4/5] Add E PUNCT password error string depending on password complexity exemption length. --- login-security-solution.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/login-security-solution.php b/login-security-solution.php index 8e66b2a..927f2e3 100644 --- a/login-security-solution.php +++ b/login-security-solution.php @@ -2038,7 +2038,11 @@ protected function msg($code) { return __("Passwords must contain numbers.", 'login-security-solution'); } case self::E_PUNCT: - return sprintf(__("Passwords must either contain punctuation marks / symbols or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); + if ( apply_filters( 'pw_complexity_exemption_length\activation', true ) ) { + return sprintf(__("Passwords must either contain punctuation marks / symbols or be %d characters long.", 'login-security-solution'), $this->options['pw_complexity_exemption_length']); + } else { + return __("Passwords must contain punctuation marks / symbols.", 'login-security-solution'); + } case self::E_REUSED: return __("Passwords can not be reused.", 'login-security-solution'); case self::E_SEQ_CHAR: From e294178e33dc8843ddd1339ab9d1d88d6ac709da Mon Sep 17 00:00:00 2001 From: Maxime Culea Date: Sun, 2 Oct 2016 13:41:10 +0200 Subject: [PATCH 5/5] Add filter to disable or enable complexity exemption length check. --- login-security-solution.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/login-security-solution.php b/login-security-solution.php index 927f2e3..2a1a82e 100644 --- a/login-security-solution.php +++ b/login-security-solution.php @@ -2944,11 +2944,16 @@ public function validate_pw($user, &$errors = null) { return false; } - $length = $this->strlen($pw); - if ($length < $this->options['pw_complexity_exemption_length']) { - $enforce_complexity = true; + $length = $this->strlen( $pw ); + if ( apply_filters( 'pw_complexity_exemption_length\activation', true ) ) { + if ( $length < $this->options['pw_complexity_exemption_length'] ) { + $enforce_complexity = true; + } else { + $enforce_complexity = false; + } } else { - $enforce_complexity = false; + // Don't exempt with password length, check anyway password policy + $enforce_complexity = true; } // NOTE: tests ordered from fastest to slowest.