Joomla! Issue Tracker | Joomla! CMS #18734 - a username can be the same as its password

Closed
21 Nov 2017
Medium
Build: staging
# 18734

PhilETaylor
19 Nov 2017

Steps to reproduce the issue

Create a user, its username can be exactly the same as the password

username: admin
password: admin

Expected result

That Joomla holds itself to better security/validation than this and doesn't allow this in the future. Why on earth would we allow this, I cannot see any justification.

Actual result

admin/admin is valid.
user/user is valid.

PhilETaylor - open - 19 Nov 2017

joomla-cms-bot - change - 19 Nov 2017

Labels

Added: ?

joomla-cms-bot - labeled - 19 Nov 2017

brianteeman - comment - 19 Nov 2017

as always - pull requests welcome

franz-wohlkoenig - change - 20 Nov 2017

Category

⇒

Authentication

franz-wohlkoenig - change - 20 Nov 2017

Status

New

⇒

Discussion

franz-wohlkoenig - change - 21 Nov 2017

Status	Discussion	⇒	Closed
Closed_Date	0000-00-00 00:00:00	⇒	2017-11-21 06:25:40
Closed_By		⇒	franz-wohlkoenig

joomla-cms-bot - change - 21 Nov 2017

Closed_By

franz-wohlkoenig

⇒

joomla-cms-bot

joomla-cms-bot - close - 21 Nov 2017

joomla-cms-bot - comment - 21 Nov 2017

Set to "closed" on behalf of @franz-wohlkoenig by The JTracker Application at issues.joomla.org/joomla-cms/18734

franz-wohlkoenig - comment - 21 Nov 2017

closed as having Pull Request #18766

Add a Comment

Older
Newer

Joomla! Issue Tracker - CMS

[#18734] - a username can be the same as its password

Steps to reproduce the issue

Expected result

Actual result

Add a Comment