From 1ef526f0f0ea664518789c5ab73ed9de140714ad Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Wed, 18 Apr 2018 14:05:21 +0200 Subject: Strengthen the use of the Master Password. - Use 30k iterations instead of 1. - Enforce minimum password length of 8 characters. - Adjust strength meter accordingly. This resolves #82. --- toolkit/mozapps/preferences/changemp.js | 12 +++++++++--- toolkit/mozapps/preferences/changemp.xul | 7 ++++--- 2 files changed, 13 insertions(+), 6 deletions(-) (limited to 'toolkit/mozapps') diff --git a/toolkit/mozapps/preferences/changemp.js b/toolkit/mozapps/preferences/changemp.js index 82dd20128..71664b3e1 100644 --- a/toolkit/mozapps/preferences/changemp.js +++ b/toolkit/mozapps/preferences/changemp.js @@ -167,8 +167,8 @@ function setPasswordStrength() // length of the password var pwlength=(pw.length); - if (pwlength>5) - pwlength=5; + if (pwlength>10) + pwlength=10; // use of numbers in the password @@ -190,7 +190,7 @@ function setPasswordStrength() upper=3; - var pwstrength=((pwlength*10)-20) + (numeric*10) + (numsymbols*15) + (upper*10); + var pwstrength=((pwlength*5)-20) + (numeric*10) + (numsymbols*15) + (upper*10); // make sure we're give a value between 0 and 100 if ( pwstrength < 0 ) { @@ -227,6 +227,12 @@ function checkPasswords() } } + // Never accept short passwords < 8 chars + if (pw1.length < 8) { + ok.setAttribute("disabled", "true"); + return; + } + if (pw1 == pw2) { ok.setAttribute("disabled", "false"); } else diff --git a/toolkit/mozapps/preferences/changemp.xul b/toolkit/mozapps/preferences/changemp.xul index 14d02295e..b316fa42b 100644 --- a/toolkit/mozapps/preferences/changemp.xul +++ b/toolkit/mozapps/preferences/changemp.xul @@ -34,7 +34,7 @@ - +