Can I set password to something short? (less then 8 characters)

I am trying to change my admin password via yunohost tools adminpw

this is a test instance running on virtualbox with no data, so I would like an easy access to it (also, it does not have certificates sorted out, so my browser won’t save the password for it). When I try to put intentionally easy password like “admin”, I get this error:

“Error: This password is among the most used passwords in the world. Please choose something more unique.”

Is there a way to disable these checks? (I just had to boot into bash to reset the root password as I forgot my admin passward, yay for security)

Can’t you just set something like adminadmin

I guess I could but when i do not use my test machine for months again, it would not occur to me to try it I think.

A misfeature of password prompts is when they do not specify the minimum requirements - if the requirements were displayed when incorrect password is entered, that would help a lot too.

I think this setting can disable these checks (not tested):

yunohost settings set security.password.admin_strength -v -1

If it don’t work, test with security.password.admin.strength , in the past it was a point instead of a underscore.

You can disable the check for users too (not recommended, no more than for admin) with security.password.user_strength.

-1: disabled completely the check
0 : alert if listed in common password
1 : 8 letters minimum, alert if listed in common password
2 : 8 letters minimum, digit, lower and upper, alert if listed in common password
3: 8-letters minimum, digit, lower, upper, and other characters, alert if listed in common password
4: 12-letters minimum, digit, lower, upper, and other characters, alert if listed in common password

2 Likes

let us render to Caesar what is Caesar’s Aleks’

Perfect, worked like a charm, it is just:

yunohost settings set security.password.admin.strength -v -1

(there was a typo with the underscore)
Which is corrected in the second post. Of course, I would not do this on a production machine.

Which version of yunohost?

yunohost --version
yunohost: 
  repo: stable
  version: 11.1.13
yunohost-admin: 
  repo: stable
  version: 11.1.7
moulinette: 
  repo: stable
  version: 11.1.4
ssowat: 
  repo: stable
  version: 11.1.4
yunohost settings list | grep security.password
security.password.admin_strength: 
security.password.passwordless_sudo: 
security.password.user_strength:

I test it, there isn’t a typo. Your version must be older than mine.
The two settings are accepted with underscore (new setting) and point (old setting) with Yunohost 11.1.13

1 Like

Oh, yes, I am a minor version behind, sorry. I should definitely upgrade :-).

yunohost:
repo: stable
version: 11.0.10.2
yunohost-admin:
repo: stable
version: 11.0.11
moulinette:
repo: stable
version: 11.0.9
ssowat:
repo: stable
version: 11.0.9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.