Update UserFactory password #4795
Conversation
The default password is 'secret' which is 6 characters. This is less than the new requirement of minimum 8 character password. The new default is set to 'secretpass'
|
@connectkushal have you considered |
|
Since its used only for the tests |
|
if many think so i am willing to change it. edit: Change done ! Deleted the explanation as its unnecessary now. |
change from secretpass to password
|
Who will update auth related controllers? And translation laravel/resources/lang/en/passwords.php Line 16 in a273cea |
|
@ankurk91 Please read the pr description again. |
|
You send it to I don't see any description about Auth related controllers. They are still enforcing min 6 length passwords |
|
But master is 5.8. Isn't it? |
|
Ah... it seems that laravel/laravel repository don't have 5.7 branch yet, so @ankurk91 is right. It will affect on 5.7 releases. |
|
Changing required length for 5.7 may affect users of websites using current version. It is a breaking change, and is best to enforce the change in minimum password length in 5.8. Since UserFactory is used for testing and development, any changes can be safely made to it, as done by this pr. If maintainers raise the same issue please create a new pr as you guys have pointed this out. Or if maintainers think this is the wrong branch I have made the same changes to the develop branch, here #4797 |
|
Develop branch? |
The password set by the default UserFactory is
secretwhich is 6 characters. This is less than the required minimum 8 character length as per new NIST standards on memorized secrets (i.e. user passwords) as stated here laravel/framework#25957Although this is enforced in the next version of laravel by #4794, I think the UserFactory default should be changed in the current version itself.
By this pr, the new default is set to
password