Make password generation methods consistent between Authentic Theme and Virtualmin

On Authentic Theme settings the Password generator field has the following description:

Set the length and character type used in the generated password. Default value equals to 12|a-z,A-Z,0-9,#, which represents password with 12 characters in length, containing upper and lower case letters, numbers and special characters. First value is numerical, which is the length of the password, immediately followed by | as a delimiter. Next is the type, where you can use numbers 0-9, letters a-z and/or A-Z, and special characters #. All of these sets can be used together or individually, using comma as a delimiter.

and when we set something like 16|a-z,A-Z,0-9,# then it works wonderfully generating various complex passwords like, for example, @d|~0w*LBWr6rmFL.

On the other hand Virtualmin Configuration page offers the following option and description under the Defaults for new domains section:

By default, randomly generated passwords will contain only upper and lower case letters and the digits 0 to 9. However, this field can be used to enter an alterative list of characters to use, such as abcdefghijklmnopqrstuvwxyz_-.0123456789 .

So we have to go with either the Default (A-Z, a-z, 0-9) which, unfortunately, does not include special characters, or put really long list of all possible characters like all the letters in lower case, and then upper case and the long list of all the special characters one by one. Please re-code so users could something shorter, for example regex, for input value of this field or just use the same approach that Ilia used in Authentic Theme. Anyway it would be really good from usability point of both Virtualmin and Authentic Theme offered all the same options.

Thanks for consideration

Status: 
Active

Comments

Assigned: Unassigned »

By the way, if I am not mistaken the word alterativein the help text should be replaced with alternative.

Assigned: »

Assigning this to Ilia - I actually didn't realize that the theme had it's own password generator.

Ilia's picture
Submitted by Ilia on Fri, 11/02/2018 - 03:35

By the way, if I am not mistaken the word alterativein the help text should be replaced with alternative.

Actually, there is a word alterative, and it fits quite well to the sentence used. Unless Jamie or Joe think it's not okay, I will keep it.

Ilia's picture
Submitted by Ilia on Fri, 11/02/2018 - 03:56

Status: Active » Fixed (pending)
Joe's picture
Submitted by Joe on Fri, 11/02/2018 - 12:34 Pro Licensee

I've never heard/seen the word "alterative". My browser spell-checker thinks it's not a word. I would have assumed typo, as well. ;-)

I also had no idea the theme had a password generator. This might be feature creep. Is there no way to consolidate all password generation to one configuration location?

Ilia's picture
Submitted by Ilia on Fri, 11/02/2018 - 12:36

I was thinking about it today. I started looking at the code, and it seems Virtualmin dependent.

If, Jamie could factor out this subroutine, and add this somewhere under WebminCore, then yes, we could use one configuration for it, under Webmin and theme could read it.

Yes, by context I say that word was supposed to be "alternative". Anyway, Ilia, form your last post I believe this has not been fixed yet as James needs to act, right? So I am marking it back to Active, correct me if I am wrong.

Ilia's picture
Submitted by Ilia on Mon, 11/05/2018 - 08:21

So I am marking it back to Active, correct me if I am wrong.

I will double check and let you know.

Ilia's picture
Submitted by Ilia on Mon, 11/05/2018 - 13:48

Okay, yes, random_password is part of Virtualmin, and if could be factored out, with its config added somewhere under Webmin Configuration, then I could completely drop configuration for password on the theme side.

The reason why it should be under Webmin, rather than be left under Virtualmin, is that password generator used under all modules and works even without installing Virtualmin module.

Project: Authentic Theme » Webmin Core
Okay, yes, random_password is part of Virtualmin, and if could be factored out, with its config added somewhere under Webmin Configuration, then I could completely drop configuration for password on the theme side. The reason why it should be under Webmin, rather than be left under Virtualmin, is that password generator used under all modules and works even without installing Virtualmin module.

Ok then let's change the issue project back to Webmin, so that Jamie could take a look at this once again.