This is the old issue tracking system for DokuWiki. Issues can not be added here anymore. Please refer to for the new system.


FS#2654 - Add password confirmation field

Attached to Project: DokuWiki
Opened by Karl Fogel (kfogel) - Friday, 02 November 2012, 22:51 GMT
Last edited by Christopher Smith (ChrisS) - Sunday, 16 February 2014, 00:42 GMT
Task Type Feature Request
Category Security
Status Closed
Assigned To Christopher Smith (ChrisS)
Operating System All
Severity Medium
Priority Normal
Reported Version rc2012-09-10 "Adora Belle"
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


This bug report is a summarized version of this blog post:

(It may actually be easier to just read the blog post.)

When logged in as admin, the form for adding/editing a new user does not have a password confirmation field. While this makes a kind of logical sense (no need to confirm the password since admin is setting it for the target user, not for admin), in practice the result is that admin may, out of habit, just re-paste the password into the Real Name field in the form, mistakenly assuming it is a password confirmation field, since that's where such a field would usually be (right after the original password field).

The result is a rather severe failure: the password is displayed in cleartext on the user listing, where the user's real name would usually be.

The fix is simple:

On or before form submission, check whether Real Name and Password have the same value. If they do, pop up a warning and get confirmation that this is really intended (which it almost surely is not).
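The check proposed in the report, as an added example that is not DokuWiki's own code: a validator for the admin add/edit-user form that flags a password confirmation mismatch and a password re-pasted into any field that is later displayed in clear, plus a submit hook that asks for confirmation. The field names (userid, username for the real name, usermail, userpass, userpass2) are assumptions, not DokuWiki's actual form names.

```javascript
// Added example, not DokuWiki's code. Field names are assumed:
// userid, username (real name), usermail, userpass, userpass2 (confirmation).

// Trimmed, case-insensitive comparison so "Secret1 " still counts as a re-paste.
function sameValue(a, b) {
  return a.trim().toLowerCase() === b.trim().toLowerCase();
}

// Returns a list of problems; an empty list means the form may be submitted.
function validateUserForm(fields) {
  const problems = [];
  const pass = fields.userpass || "";
  const confirm = fields.userpass2;

  if (pass === "") {
    return problems; // editing a user without changing the password
  }
  // When a confirmation field is present it must match the password exactly.
  if (confirm !== undefined && confirm !== pass) {
    problems.push({ field: "userpass2", reason: "password confirmation does not match" });
  }
  // The password must not appear in any field shown on the user listing.
  for (const name of ["userid", "username", "usermail"]) {
    const value = fields[name];
    if (typeof value === "string" && value !== "" && sameValue(value, pass)) {
      problems.push({ field: name, reason: "password repeated in a visible field" });
    }
  }
  return problems;
}

// Browser hook: a confirmation mismatch blocks submission; a re-pasted
// password produces a warning that the admin must explicitly accept.
function attachGuard(form) {
  form.addEventListener("submit", (event) => {
    const fields = Object.fromEntries(new FormData(form).entries());
    const problems = validateUserForm(fields);
    if (problems.length === 0) return;
    const text = problems.map((p) => `${p.field}: ${p.reason}`).join("\n");
    const mismatch = problems.some((p) => p.field === "userpass2");
    if (mismatch || !window.confirm(`Check the form:\n${text}\n\nSubmit anyway?`)) {
      event.preventDefault();
    }
  });
}
```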

Closed by Christopher Smith (ChrisS)
Sunday, 16 February 2014, 00:42 GMT
Reason for closing: Implemented
Additional comments about closing: PR#548
Comment by Christopher Smith (ChrisS) - Saturday, 03 November 2012, 00:58 GMT
Not a bug. Not a good solution. Sensible feature request to have a password confirmation field.
Comment by Eitan Adler (eadler) - Saturday, 03 November 2012, 01:45 GMT
Another option (better than the duplicate content check) if a password confirmation isn't required is to just separate password option with some additional space from the real name or move things around so the password option is last.
Comment by Karl Fogel (kfogel) - Saturday, 03 November 2012, 02:35 GMT
All of those solutions sound great to me.

I think just having a password confirmation field is probably the best solution; I simply assumed that not having it was a conscious design decision. Even when it's the admin user setting someone else's password, it's still a pain for everyone if the admin mistypes the password (because mistakes are more quickly apparent with other fields, and other fields tend not to be nonsense strings). So +1 on just adding a password confirmation field.