Hi all,
hopefully someone can assist during the issue I’m currently facing with our XWiki.
When trying to do a password reset the process is working until setting a new password. As long as the password rule for " REQUIRE AT LEAST ONE SYMBOL CHARACTER IN THE PASSWORD" is deactivated the hole process of doing a password reset is working fine. But if symbol characters are required also an trying to set a password e.g. including a ! or @ signs xwiki states: “The provided password is not compliant with the password security rules.”
thanks for the report I opened Loading... as I’m apparently seeing a bug when testing the mechanism in a unit test.
Could you just tell me which version of XWiki you’re using? And also do you confirm that the issue only reproduces if you select only the rule to have one symbol: i.e. when you have multiple rules selected including the one for symbol does it reproduce too?
I can reproduce the issue when selecting “REQUIRE AT LEAST ONE SYMBOL CHARACTER IN THE PASSWORD” as password rule only and also when several requirements are activated.
Maybe interesting point: When “REQUIRE AT LEAST ONE SYMBOL CHARACTER IN THE PASSWORD” isn’t active and doing a password reset symbols are possible to use in a new password.
For me it seems to be an issue in recognizing valid symbols…
If you need more information just let me know please.
Regards, Thomas