Red Hat Bugzilla – Bug 233461
RFE: Usability Issues with Create New Account Form
Last modified: 2007-08-16 15:23:34 EDT
Note: keeping bug public so customer can follow.
Description of problem:
- if user checks of the Red Hat contact authorization checkboxes on this form,
if they are flipped back to choose another account name these checkbox
selections are lost. these selections should be persistent when the username
and/or password is rejected.
- password rejection message does not state the allowed/disallowed characters
nor the character max length limit. password rules seem strange as some non
numeric non letter characters are accepted but others are not. recommend that we
are more lenient in allowing these types of characters in passwords as it
increases potential security.
"When filling out the new account form for "personal" accounts I'm sure I like
everyone else who tries had it fail due to the account name I chose being
already taken and it flips me back to try again. This happened over and over and
over, as it must for most people.
"One thing I think could be better here is that while I checked the box to have
email from redhat sent to me that did not stick when I was returned to try again
so I had to reclick that every time.
"The password was another problem. That was also rejected (too good I'm sure).
:) If I enterred a password that was too short I got a nice little message
telling me it had to be at least 6 characters long. If I entered one that long
or longer that was rejected as invalid I was given no clue as to why or what
characters were allowed or not. I'm guessing '<' was not a valid character but
it would have been easier to figure out if there were a little popup or
something that just explained the rules for passwords. I still find it weird
that '<' seems bad but ':' seems good.
Committed revision 17785. (Checkbox fix)
Committed revision 17792. (Password fix)
Added the following error message:
Password must be ASCII and cannot contain the following special characters (")
(<) (>) (space)
alphanumeric might be a better term to use than ASCII (jargony and I think there
are a lot more exceptions than the 4 you noted if you use 'ASCII')
I think in rhn for accounts for example we say must be alphanumeric and may
contain the characters - _ ( ) [ ] or whatnot.
just a suggestion.
Updated to ON_QA buy bugzillaupdater
verified on QA
Moving everything to ON_DEV to get revisited for the "true up" release.
We will reverify this for TRUUP.
The TRUUP release is officially wsd239.
Closed with the 8/14 release.