feat: Reduce password strength requirements (#1224)

jeessy2 · Aug 19, 2024 · 771e180 · 771e180
1 parent 3257d07
commit 771e180
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/config/config.go b/config/config.go
@@ -205,9 +205,9 @@ func (conf *Config) ResetPassword(newPassword string) {
 
 // CheckPassword 检查密码
 func (conf *Config) CheckPassword(newPassword string) (hashedPwd string, err error) {
-	var minEntropyBits float64 = 50
+	var minEntropyBits float64 = 30
 	if conf.NotAllowWanAccess {
-		minEntropyBits = 25
+		minEntropyBits = 20
 	}
 	err = passwordvalidator.Validate(newPassword, minEntropyBits)
 	if err != nil {

diff --git a/web/login.go b/web/login.go
@@ -158,7 +158,7 @@ func loginUnlock() (minute uint32) {
 
 	go func(ticker *time.Ticker) {
 		for range ticker.C {
-			ld.failedTimes = 0
+			ld.failedTimes = 4
 			ticker.Stop()
 		}
 	}(ld.ticker)