[rt-users] Random Password template

Binand Raj S. binand at gmx.net
Fri Jan 10 07:41:42 EST 2003

On Thu, Jan 09, 2003 at 04:16:01PM +0100, Harald Wagener wrote:
> You should set $logToFile = 'debug' in config.pm to get more  
> information. Don't forget to stop and start apache after doing so.  
> Then, try agan, and see if there is more information in the log(s).

Well, thanks. I figured the problem (and recording here for posterity :)
Should I file this as a bug in RT?

The issue was a hardcoded password length limit in RT/lib/User.pm. I had

$MinimumPasswordLength = "8";

in my etc/config.pm. But, in RT/lib/User.pm, we have:

my $pass = $self->GenerateRandomPassword(6,8);

Thus, more often than not, the random passwords thus generated were less
than 8 characters.

I changed the template to print out $pass in case of error too, to figure
this out.

For my purpose, this patch is enough. Everyone gets 8 character
passwords. YMMV. Ideally, User.pm should use $MinimumPasswordLength and
$MaximumPasswordLength (which defaults to two more than the minimum :)

--- lib/RT/User.pm.old  Fri Jan 10 07:23:50 2003
+++ lib/RT/User.pm      Fri Jan 10 07:23:56 2003
@@ -315,7 +315,7 @@
        return (0, "Permission Denied");

-    my $pass = $self->GenerateRandomPassword(6,8);
+    my $pass = $self->GenerateRandomPassword(8,8);

     # If we have "notify user on


More information about the rt-users mailing list