Post by Karonia69 » Tue Jul 03, 2018 6:05 pm

Hi,

I'm looking to make the customer passwords more secure, by say making the password a minimum of 8 characters and having UPPER / lower case characters plus numbers and specials or some combination of these. Is there something in open cart ( using 3.0.2.0 ) that allows for this or does anyone know of an extension ? I'm sure I can't be the first person who wanted to do something like this ;)

TIA

Newbie

Posts

Joined
Thu May 17, 2018 4:09 pm

Post by ostechnologies » Wed Jul 04, 2018 7:54 pm

Go to file catalog/view/YOUR-THEME/default/template/account/register.php,
Search for the line :
<input type="password" name="password" value="{{ password }}" placeholder="{{ entry_password }}" id="input-password" class="form-control" />

Replace It with :
<input type="password" name="password" value="{{ password }}" placeholder="{{ entry_password }}" id="input-password" class="form-control" pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,}" title="Minimum eight characters, at least one uppercase letter, one lowercase letter, one number and one special character" />

Opencart Expert | sales[at]ost.agency
Skype - manish.osuniverse | Gtalk - manishmt

Extensions for Opencart @ https://www.ost.agency/product/product- ... extensions
ost.agency - ecommerce website design, development and digital company


User avatar
Active Member

Posts

Joined
Mon Apr 06, 2015 1:30 pm

Post by straightlight » Wed Jul 04, 2018 7:59 pm

The only downside by adding patterns is they are visible through the source.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Opencart.com Administrator / Quality Assurance Analyst / Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by Karonia69 » Thu Jul 05, 2018 9:21 pm

OK, being naive, what do you mean when you say - The only downside by adding patterns is they are visible through the source. ?

Visible to who ? when ? isn't it secure once the account has been created and the password stored/encrypted ?

Newbie

Posts

Joined
Thu May 17, 2018 4:09 pm

Post by straightlight » Thu Jul 05, 2018 9:25 pm

Karonia69 wrote:
Thu Jul 05, 2018 9:21 pm
OK, being naive, what do you mean when you say - The only downside by adding patterns is they are visible through the source. ?

Visible to who ? when ? isn't it secure once the account has been created and the password stored/encrypted ?
Using pattern structures that way are visible through the source from the browser which means those regular expressions are visible through the view-source.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.


Regards,
Straightlight
Opencart.com Administrator / Quality Assurance Analyst / Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by Karonia69 » Thu Jul 05, 2018 10:11 pm

OK, I get that someone could see the structure used to enforce the password format, but would it help anyone actually work out what someone had entered ?

Newbie

Posts

Joined
Thu May 17, 2018 4:09 pm

Post by Karonia69 » Thu Jul 05, 2018 10:18 pm

ostechnologies wrote:
Wed Jul 04, 2018 7:54 pm
Go to file catalog/view/YOUR-THEME/default/template/account/register.php,
Search for the line :
<input type="password" name="password" value="{{ password }}" placeholder="{{ entry_password }}" id="input-password" class="form-control" />

Replace It with :
<input type="password" name="password" value="{{ password }}" placeholder="{{ entry_password }}" id="input-password" class="form-control" pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,}" title="Minimum eight characters, at least one uppercase letter, one lowercase letter, one number and one special character" />
Great, how would this be applied for customers wanting to chang their password, as well as new customers registering accounts ? TIA

Newbie

Posts

Joined
Thu May 17, 2018 4:09 pm
Who is online

Users browsing this forum: pjwebdesign and 18 guests