Mediawiki 1.35.0, LocalSettings.php has
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 8;
But when I try to change my (administrator account) password, I get the red text 'Passwords must be at least 10 characters', and it won't accept the 8 character password I want
That is the 'default' only as the name suggests. Any more specific policy will override it. You're being asked for 10 because that's the requirement for users in 'sysop' group.
You must to change it there too: $wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 8;. If you're in interface-admin or bureaucrat groups you must also change it for each group.
That occurred to me, though its hardly obvious, as a default I specify should override something set inside code so I added the lines to correspond to Special:ActiveUsers
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 8; $wgPasswordPolicy['policies']['administrator']['MinimalPasswordLength'] = 8; $wgPasswordPolicy['policies']['interface administrator']['MinimalPasswordLength'] = 8; $wgPasswordPolicy['policies']['bureaucrat']['MinimalPasswordLength'] = 8;
And nothing changed. I even added sysop, in case that was some daft hidden group
Only by editing includes/DefaultSettings.php and changing all the 10s to 8s did I manage to beat it into submission. Grrrr
$wgPasswordPolicy['policies'] = [
'default' => ['MinimalPasswordLength' => 8]];
Alternatively, you can put var_dump( $wgPasswordPolicy); die(); at the very end of LocalSettings.php to figure out the final value and see if its what you expect.
There's no group 'administrator', so that line would not do any anything. The canonical name of the group is 'sysop'. You're not supposed to edit DefaultSettings.php. You better copy the relevant lines to LocalSettings.php
Basic information
Username:John: Member of groups:Administrators, Autoconfirmed users, Bureaucrats, Interface administrators, Users
No sign of sysop here
$wgPasswordPolicy['policies'] = [ 'default' => ['MinimalPasswordLength' => 12];
makes my system lock up. I will stick with editing includes/DefaultSettings.php and moaning
"No sign of sysop here"
Sysop is the technical name of the administrators group in the software. The 'human' name value of it is "Administrator". This fact is arguably so well hidden in the interface these days, that it is hard to know if you don't know about the old name. A place where you can still see it is in the url of list users: Special:ListUsers/sysop
$wgPasswordPolicy['policies'] = [ 'default' => ['MinimalPasswordLength' => 12];
[] need to be balanced. you are missing a ] at the end there.
Mediawiki seems very confused over Administrator vs sysop. If the public face of the role is Administrator, why do urls and documentation like https://www.mediawiki.org/wiki/Manual:User_rights#List_of_groups talk about 'sysop' and 'bureaucrat' when an installer could imagine both administering things.
https://www.mediawiki.org/wiki/Manual:$wgPasswordPolicy is as confused as anywhere.
Maybe you solved this by now but if someone else struggle with this like I did today, here's what worked for me (added to LocalSettings.php):
## Change MinimalPasswordLength
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 8;
$wgPasswordPolicy['policies']['sysop']['MinimalPasswordLength'] = 8;
$wgPasswordPolicy['policies']['interface-admin']['MinimalPasswordLength'] = 8;
$wgPasswordPolicy['policies']['bureaucrat']['MinimalPasswordLength'] = 8;
Hi,
I yesterday installed a local copy of mediawiki and have the same problem as @Vicarage. I have set the the dump as recommended by @Bawolff. Result is:
array(2) { ["policies"]=> array(5) { ["bureaucrat"]=> array(2) { ["MinimalPasswordLength"]=> int(6) ["MinimumPasswordLengthToLogin"]=> int(1) } ["sysop"]=> array(2) { ["MinimalPasswordLength"]=> int(6) ["MinimumPasswordLengthToLogin"]=> int(1) } ["interface-admin"]=> array(2) { ["MinimalPasswordLength"]=> int(10) ["MinimumPasswordLengthToLogin"]=> int(1) } ["bot"]=> array(2) { ["MinimalPasswordLength"]=> int(10) ["MinimumPasswordLengthToLogin"]=> int(1) } ["default"]=> array(5) { ["MinimalPasswordLength"]=> int(6) ["PasswordCannotBeSubstringInUsername"]=> array(2) { ["value"]=> bool(true) ["suggestChangeOnLogin"]=> bool(true) } ["PasswordCannotMatchDefaults"]=> array(2) { ["value"]=> bool(true) ["suggestChangeOnLogin"]=> bool(true) } ["MaximalPasswordLength"]=> array(2) { ["value"]=> int(4096) ["suggestChangeOnLogin"]=> bool(true) } ["PasswordNotInCommonList"]=> array(2) { ["value"]=> bool(true) ["suggestChangeOnLogin"]=> bool(true) } } } ["checks"]=> array(6) { ["MinimalPasswordLength"]=> string(48) "PasswordPolicyChecks::checkMinimalPasswordLength" ["MinimumPasswordLengthToLogin"]=> string(55) "PasswordPolicyChecks::checkMinimumPasswordLengthToLogin" ["PasswordCannotBeSubstringInUsername"]=> string(62) "PasswordPolicyChecks::checkPasswordCannotBeSubstringInUsername" ["PasswordCannotMatchDefaults"]=> string(54) "PasswordPolicyChecks::checkPasswordCannotMatchDefaults" ["MaximalPasswordLength"]=> string(48) "PasswordPolicyChecks::checkMaximalPasswordLength" ["PasswordNotInCommonList"]=> string(50) "PasswordPolicyChecks::checkPasswordNotInCommonList" } }
From my perspective it shows the param is set and accepted.
But still, when trying to change the password for a user (the only user created as admin during setup), i get the message the minimum password length is 10.
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = 6; $wgPasswordPolicy['policies']['bureaucrat']['MinimalPasswordLength'] = 6; $wgPasswordPolicy['policies']['sysop']['MinimalPasswordLength'] = 6;
Any idea why this happens?
Regards
Kallewirsch
Upate:
when writing the reply I reconcnized the user created during setup might be of role "interface-admin" (makes sense). I added this to the params and now it works for the user where I tested it.