I do not know if there is a planned constraint list to be allowed so sorry if I should request this otherwise.

Problem/Motivation
The module's current constraints do not allow the admin to set restrictions on specific character types (like "do not include special chars").

Proposed resolution
Create a plugin similar to the characters plugin that restricts upon certain character types.

Remaining tasks
None
The patch includes tests as well.

API changes
None.

Data model changes
None.

DISCLAIMER:
I called the constraint 'types_negate' because if I were to name it properly as 'character_types_negate' or 'character_types_restriction' some strings like 'password_policy.password_policy_character_types_restriction' would exceed the limit for the storage and will anyway be too long. The same goes for the module name. Still, I am open for better naming.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

idimopoulos created an issue. See original summary.

idimopoulos’s picture

Status: Active » Needs review
idimopoulos’s picture

Status: Needs review » Needs work

The last submitted patch, types_negate_constraint_module.patch, failed testing.

idimopoulos’s picture

Status: Needs work » Needs review
AohRveTPV’s picture

This seems to me like a very niche need. Neither 7.x-1.x nor 7.x-2.x have a way to restrict passwords to only certain character types as far as I know, and I do not remember anyone requesting that capability.

If configured to disallow special characters, it'd prevent users from using strong passwords with special characters, no? I'm curious why you or someone might want to do that? I could see a need to sometimes restrict the set of allowable special characters when Drupal is integrated with other systems that disallow certain characters.

Maybe a good solution would be for this to become a separate D.o project? I defer to nerdstein, the 8.x-3.x maintainer.

idimopoulos’s picture

@AohRveTPV, if the maintainer says so, I do not mind to set it as a separate module. Though it is extremely similar to the character type plugin (I mainly copy-pasted most almost the entire code) so it would be easier to maintain as a couple.

As for why someone would require a password to be weaker, well.. that's a good question :D
But in the end, if the client says so, he gets so. And this is exactly why I created this. There is a specification in my current project that the password will require all capital, lowercase and numeric characters but special characters are restricted.
And since I would create the plugin I thought it would be better to have it generic for all base types.

pfrenssen’s picture

Status: Needs review » Closed (works as designed)

I work on the same project as @idimopoulos. We had a discussion with our client and they agreed that it is better not to impose restrictions on the passwords that end up making them less secure.

I am going to close this as "Works as designed" but feel free to reopen this if you need this functionality and want to continue working on it.