Unclear error message / warning message for setting passwords

Created by: Alexander Schlemmer

I recently added a new user to a caosdb instance using caosdb_admin from caosdb.utils. I used the "-a" switch to directly set a password. As I result I received the following message: Maybe the password does not match the required standard?

For me the following things are unclear:

• This seems to be a question. Is the script not sure whether the standard is matched?
• There is no hint to the standard in use. (My password is actually quite complicated: long, random characters and numbers... I have no clue, what is wrong...)
• Is this a warning or an error? Has the password been set or not?

Imported comments:

By Timm Fitschen on 2021-02-26T11:25:54.089Z

marked this issue as related to caosdb-server#121 (closed)

By Florian Spreckelsen on 2021-02-26T11:23:33.410Z

See https://gitlab.com/caosdb/caosdb-server/-/issues/121 for the configuration of the minimum password complexity within the server.

By Florian Spreckelsen on 2021-02-26T11:19:08.982Z

I encountered the same Problem today. Currently, the hard requirements for a password are

• at least 8 characters
• at least 1 number
• at least 1 lower case character
• at least 1 upper case character
• at least 1 special character

We should probably soften these requirements in the server, make them configurable, and in any case, document this and make it more transparent to the user.

This issue as a problem of pycaosdb is of course solved by an improved error message which should display the password requirements.

By Alexander Schlemmer on 2021-01-21T15:35:56.597Z

Ok, 14 characters, including 3 special characters, only random ascii characters and 3 digits... what is the problem with that password?

By Alexander Schlemmer on 2021-01-21T15:29:56.932Z

Ok, I checked: the user is not created.

I also tried adding special characters, but I still receive the same error message.

DoD

• Better error message.