How Do I Disable Strong Passwords
I setup a new install of FreePBX for our offices and was unaware of the new strong passwords feature. Normally I love strong passwords, however in this install it's become a problem.
Due to the scripts we use for setting up a users extension it doesn't allow the ability to enter alpha characters into the password (which FreePBX now requires). I'm working on fixing the scripts, but in the meantime I need to get my extensions up and running.
I've un-installed the "Weak Password Detection" module, but when I attempt to set the secret for the extension, it's still saying I have to include at least to alpha characters.
Figure I'm probably overlooking something simple, but if someone could shed a little light, that would me great.
Thanks in advance!
__________________
News Announcements
New Forum Topics
- no inbound calls showing up in monitor section
- Yum won't update
- Need ability to have weather announcment on a special voicemail.
- Disabling Enum
- End-Point-Manager over Internet
- Freepbx 2.10 Recordings portal not working
- Error with style after upgrade
- Soft phone for iphone
- hi ,can anyone help me please ,i want to add custom port 7060 after my domin
- only group 0 shows up in trunk drop down list.
- Day/Night BLF
- Errors with "ARI" After update, Asterisk Failure and Interface won't load
Pop open your favorite editor
Edit the file at: admin/common/script.js.php. Add "return false;" as the first line inside of the weakSecret() block.
Existing secrets aren't scruitinized.
--
Take the sardonic comments with a grain of salt.
(The rest is meant in earnest.)
Thank you!
That seemed to do the trick to at least get my extensions up and running.
Thank you so VERY much!
How about a knob for this?
Perhaps we need a control knob to control the enforcement of this?
While it's certainly simple enough to make the edit prescribed above, I don't believe it will survive an upgrade to a new freepbx release.
A knob is probably warranted.. Looks like the weakSecret() function gets called on 2 occasions in modules/core/functions.inc.php. Those places would be the ideal spots to check for a 0|1 preference value for enforcement..
Just my $0.02.. I'll look into submitting a patch if nobody wants to take it on. Of course, I'll just need to find the time to do that. :)
It is not working for me
It is not working for me !!!
I also tried this:
function weakSecret()
{
return false;
// var password = document.getElementById('devinfo_secret').value;
// var origional_password = document.getElementById('devinfo_secret_origional').value;
//
// if (password == origional_password)
// {
// return false;
// }
//
// if (password.length <= 5)
// {
// alert('');
// return true;
// }
//
// if (password.match(/[a-z].*[a-z]/i) == null || password.match(/\d\D*\d/) == null)
// {
// alert('');
// return true;
// }
// return false;
}
I comment out everything but still asks 6 characters password !!!
Apant
You may need to empty your cache and refresh the page