Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wallet is using an obsolete password policy #22817

Closed
fmarier opened this issue May 12, 2022 · 1 comment · Fixed by brave/brave-core#13146
Closed

Wallet is using an obsolete password policy #22817

fmarier opened this issue May 12, 2022 · 1 comment · Fixed by brave/brave-core#13146
Assignees
@josheleonard
Labels
feature/web3/wallet Integrating Ethereum+ wallet support OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Yes release-notes/include security
Milestone
1.44.x - Release

Comments

@fmarier
Copy link
Member

fmarier commented May 12, 2022
edited
Loading

Wallet currently requires the following password policy:

Screenshot from 2022-05-05 17-11-46

which is not in line with the latest password policy guidelines from NIST.

In particular, the following changes should be made:

  • minimum length must be 8 characters
  • different character types should not be required

(Also see https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/ for an explanation of the changes in NIST recommendations.)
@fmarier fmarier added feature/web3/wallet Integrating Ethereum+ wallet support OS/Desktop security labels May 12, 2022
@jamesmudgett jamesmudgett added the priority/P3 The next thing for us to work on. It'll ride the trains. label Jun 7, 2022
@josheleonard josheleonard self-assigned this Jul 19, 2022
@josheleonard josheleonard mentioned this issue Jul 19, 2022
Merged
25 tasks
@brave-builds brave-builds added this to the 1.44.x - Nightly milestone Aug 12, 2022
@srirambv
Copy link
Contributor

Verified as part of #22591 (comment)

@kjozwiak kjozwiak mentioned this issue Sep 27, 2022
Closed
This was referenced Oct 3, 2022
Closed
Closed
@StephenHeaps StephenHeaps mentioned this issue Mar 31, 2023
Merged
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@josheleonard josheleonard

Labels
feature/web3/wallet Integrating Ethereum+ wallet support OS/Desktop priority/P3 The next thing for us to work on. It'll ride the trains. QA Pass-Linux QA Pass-macOS QA Pass-Win64 QA/Yes release-notes/include security
Projects
Web3
Archived in project
Milestone
1.44.x - Release
Development

Successfully merging a pull request may close this issue.

feat: Onboarding redesign brave/brave-core
5 participants
@fmarier @jamesmudgett @srirambv @josheleonard @brave-builds