
#1492 Password policy - "Use at least n" not visible with easy-to-read characters

Next release
wont-fix
nobody
None
Medium
2019-07-20
2019-06-23
Mitch Ames
No

Using Password Safe v3.49 64-bit on Windows 7 SP1 Ultimate 64-bit...

Create a new entry and password, using the default password policy - in my case 30 characters, at least 1 lowercase, 1 uppercase, 1 digit.
Edit entry, change Password Policy to select "Use only Easy-to-read characters", then click OK.
Edit entry again, view Password Policy tab - all of the "at least n..." controls are no longer visible!
The same problem occurs if "generate pronounceable passwords" is selected.

Discussion

  • Mitch Ames

    Mitch Ames - 2019-06-23

    In case it wasn't clear, when I "change Password Policy to select easy-to-read", I selected "Use the policy below" - i.e. I edited the rules for that entry only, I did not change the stored policies (used for multiple entries) under Manage Password Policies.

     
  • Rony Shapiro

    Rony Shapiro - 2019-07-04

    Not so much a bug as a limitation - we currently don't support "at least n..." when one or both of these checkboxes are selected.

     
  • Rony Shapiro

    Rony Shapiro - 2019-07-04
    • status: open --> wont-fix
     
  • Mitch Ames

    Mitch Ames - 2019-07-06

    "... we currently don't support ..."

    Fair enough but consider:

    The "at least..." controls do not disappear immediately when I tick the "use only easy-to-read..." checkbox, so it's not obvious at the time that I set the policy that those controls are not supported. Compare this with the behaviour when I tick "use hexadecimal" - the "at least" fields are greyed out immediately. (Consistent use of greyed-out vs invisible would be helpful.)

    In at least some cases the "at least" is apparently being used. E.g. (with original test scenario) before selecting "use only easy-to-read" set "at least 29 digits". After setting the policy, click OK. Now edit the entry again, "Show" the password and repeatedly click "Generate". The generated password has at least 29 digits every time (very unlikely unless that rule is being enforced).

    I can see that "pronounceable" could have requirements not compatible with "at least n...", but I can't think of any reason why simply excluding some hard-to-read characters should prevent "at least n..." from working with "easy-to-read". (There are still multiple easy-to-read characters of each type.) Please consider supporting "at least n..." with "only easy-to-read".
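
The two points raised in the last comment, as an added example (not part of the ticket and not Password Safe's code): a generator that enforces "at least n" per class while drawing only from an easy-to-read alphabet, and the probability that 29 of 30 digits would appear without such a rule. The alphabets, function names and the fill-then-shuffle method are assumptions made for illustration.

```python
import math
import secrets

# Assumed easy-to-read alphabets with common look-alikes removed.
# Illustrative only; these are not Password Safe's actual character tables.
EASY = {
    "lower": "abcdefghijkmnopqrstuvwxyz",  # no 'l'
    "upper": "ABCDEFGHJKLMNPQRSTUVWXYZ",   # no 'I', 'O'
    "digit": "23456789",                   # no '0', '1'
}


def generate(length, minimums, classes=EASY):
    """Return a password with at least minimums[c] characters of each class c."""
    unknown = set(minimums) - set(classes)
    if unknown:
        raise ValueError(f"unknown character classes: {sorted(unknown)}")
    if any(n < 0 for n in minimums.values()):
        raise ValueError("minimum counts must not be negative")
    if sum(minimums.values()) > length:
        raise ValueError("minimum counts exceed the password length")
    pool = "".join(classes.values())
    # Satisfy every "at least n" rule first, drawing only from that class.
    chars = [secrets.choice(classes[c])
             for c, n in minimums.items() for _ in range(n)]
    # Fill the remaining positions from the whole easy-to-read pool.
    chars += [secrets.choice(pool) for _ in range(length - len(chars))]
    # Shuffle with the OS CSPRNG so mandatory characters have no fixed position.
    # (Simple construction; not uniform over all policy-compliant passwords.)
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def count_classes(password, classes=EASY):
    """Count how many characters of the password fall in each class."""
    return {c: sum(ch in alphabet for ch in password)
            for c, alphabet in classes.items()}


def chance_of_digits(length, at_least, classes=EASY):
    """Probability that an unconstrained uniform draw has >= at_least digits."""
    p = len(classes["digit"]) / sum(len(a) for a in classes.values())
    return sum(math.comb(length, k) * p**k * (1 - p)**(length - k)
               for k in range(at_least, length + 1))


if __name__ == "__main__":
    pw = generate(30, {"lower": 1, "upper": 1, "digit": 29 - 1})
    print(pw, count_classes(pw))
    print(f"P(>=29 digits of 30 by chance) = {chance_of_digits(30, 29):.2e}")
```
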

     
