Facebook
Twitter
Christoph Farnleitner
New Pleskian
Hey
Plesk 17.5.3
By default, when an user wants to reset its panel user's password, it will be redirected to https://domain.tld:8443/ch_pass_by_secret.php?secret=abCxyZ at one point.
Since I've set the password security to very strong I found many users being unable to deal with the error message given in case the entered new password is not strong enough:
The problems here are the facts that there is no mention of the minimum length of the password and also there is no "Generate" button present as it can be found in many other forms that require a password input by the user.
Even though the support page How does password strength policy work in Plesk? gives a good hint about how a password should be build in my eyes it is not suitable to required users to first of all read some docs about how the password policy in plesk works before they can login.
So I though about modifying ch_pass_by_secret.php (/opt/psa/admin/htdocs/ch_pass_by_secret.php) on my own, however this file is encoded - also I can not find any information about how to make a template change update-proof (not 100% sure this is the correct file but at least that's the one that gets called).
Giving an user voice/request certainly is an option but since I haven't found any related topic so far I'm afraid that the request will become on of these single-voice-requests. So, how could I achieve a "Generate" password button and a more meaningful error description?
Expected result may look somewhat like this:
Plesk 17.5.3
By default, when an user wants to reset its panel user's password, it will be redirected to https://domain.tld:8443/ch_pass_by_secret.php?secret=abCxyZ at one point.
Since I've set the password security to very strong I found many users being unable to deal with the error message given in case the entered new password is not strong enough:
Error: Your password is not complex enough. According to the server policy, the minimal password strength is Very strong. To improve the password strength, use numbers, upper and lower-case characters, and special characters like !,@,#,$,%,^,&,*,?,_,~
The problems here are the facts that there is no mention of the minimum length of the password and also there is no "Generate" button present as it can be found in many other forms that require a password input by the user.
Even though the support page How does password strength policy work in Plesk? gives a good hint about how a password should be build in my eyes it is not suitable to required users to first of all read some docs about how the password policy in plesk works before they can login.
So I though about modifying ch_pass_by_secret.php (/opt/psa/admin/htdocs/ch_pass_by_secret.php) on my own, however this file is encoded - also I can not find any information about how to make a template change update-proof (not 100% sure this is the correct file but at least that's the one that gets called).
Giving an user voice/request certainly is an option but since I haven't found any related topic so far I'm afraid that the request will become on of these single-voice-requests. So, how could I achieve a "Generate" password button and a more meaningful error description?
Expected result may look somewhat like this:
