Front End 2-Factor Authentication / Increased password length support
I thought I had already posted this feature request, but it seems to have disappeared.
We have had multiple customers request that we support optional 2-factor authentication for customer login as well as notifications for logins from a new IP for added security on the front end.
We have also had multiple customer requests to support passwords longer than 15 characters, which is the current password max length limit for customer passwords. Many website security firms are suggesting the use of passphrases rather than passwords, and 15 characters does not really accommodate that. We have also recently started using a password manager that generates suggested secure passwords, and by default it generates 32 character passwords, again, these are not supported by the current password limitations. It seems like the 15 character limit on passwords is too limiting to accommodate many current security recommendations.
-
Yes... please let me have a password longer than 15 characters... My password is akin to this: "Ihave9sweetgrapes?" and I can't use it! GRAR -- This is very confusing to limit someone on the password length.
0 -
Any update on this?
I am constantly having to help customers because they are trying to reset their password to a password longer than 15 characters and their password reset "will not work". We have clearly stated that the passwords need to be between 6-15 characters, but customers just don't understand why they can't use passwords longer than 15 characters.
0 -
OK, I just reset a password for a customer from the customer admin page and was able to set a password longer than 15 characters. Are the customers now supposed to be able to set passwords longer than 15 characters too? Some customers do not seem to be able to, but I tested and I was able to from the admin side.
0
Please sign in to leave a comment.
Comments
3 comments