IsPasswordStrong checks for password complexity requirements. It does bare
minimal checking for existence of uppercase, lowercase, numeral, and symbol.
A password with repeating characters would be an acceptable password, such
as 1!Aaaaaa. IsPasswordInHistory checks if the password hash of the password
being entered matches the hash of the previous 5 passwords.

Added a check for preventing each character repeat more than twice consecutively

Signed-off-by: V V Pranav <pranav....@intel.com>
---
 .../UserAuthenticationDxeStrings.uni                         | 4 ++--
 .../UserAuthenticationDxeSmm/UserAuthenticationSmm.c         | 5 +++++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git 
a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationDxeStrings.uni
 
b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationDxeStrings.uni
index 1e3a179677..8c4d8528ee 100644
--- 
a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationDxeStrings.uni
+++ 
b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationDxeStrings.uni
@@ -19,8 +19,8 @@
                                        #language fr-FR "Password Management 
Form"
 #string STR_ADMIN_PASSWORD_PROMPT      #language en-US "Change Admin Password"
                                        #language fr-FR "Change Admin Password"
-#string STR_ADMIN_PASSWORD_HELP        #language en-US "Input old admin 
password if it was set, then you can change the password to a new one. After 
the change action, you may need input the new password when you enter UI. The 
new password must be between 8 and 32 chars include lowercase, uppercase 
alphabetic, number, and symbol. Input an empty password can clean old admin 
password, then no need input password to enter UI."
-                                       #language fr-FR "Input old admin 
password if it was set, then you can change the password to a new one. After 
the change action, you may need input the new password when you enter UI. The 
new password must be between 8 and 32 chars include lowercase, uppercase 
alphabetic, number, and symbol. Input an empty password can clean old admin 
password, then no need input password to enter UI."
+#string STR_ADMIN_PASSWORD_HELP        #language en-US "Input old admin 
password if it was set, then you can change the password to a new one. After 
the change action, you may need input the new password when you enter UI. The 
new password must be between 8 and 32 chars include lowercase, uppercase 
alphabetic, number, symbol and each character should not repeat more than twice 
consecutively. Input an empty password can clean old admin password, then no 
need input password to enter UI."
+                                       #language fr-FR "Input old admin 
password if it was set, then you can change the password to a new one. After 
the change action, you may need input the new password when you enter UI. The 
new password must be between 8 and 32 chars include lowercase, uppercase 
alphabetic, number, symbol and each character should not repeat more than twice 
consecutively. Input an empty password can clean old admin password, then no 
need input password to enter UI."
 #string STR_ADMIN_PASSWORD_STS_HELP    #language en-US "Current Admin Password 
status: Installed or Not Installed."
                                        #language fr-FR "Current Admin Password 
status: Installed or Not Installed."
 #string STR_ADMIN_PASSWORD_STS_PROMPT  #language en-US "Admin Password Status"
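Review bot: the sentence added to STR_ADMIN_PASSWORD_HELP says each character "should not repeat more than twice consecutively", while the matching check in IsPasswordStrong returns FALSE and rejects the password, so the help text should state a requirement rather than a recommendation, for example "and must not contain the same character more than twice in a row". The fr-FR entry receives the same English sentence as en-US; if that is deliberate pending a translation, it is worth a line in the commit message.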
diff --git 
a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c
 
b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c
index 98f40c1812..d5e1488162 100644
--- 
a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c
+++ 
b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c
@@ -362,6 +362,11 @@ IsPasswordStrong (
     } else {
       HasSymbol = TRUE;
     }
+    if ((Index+2) <= (PasswordSize - 1)) {
+      if (Password[Index] == Password[Index+1] && Password[Index+1] == 
Password[Index+2]) {
+        return FALSE;
+      }
+    }
   }
   if ((!HasLowerCase) || (!HasUpperCase) || (!HasNumber) || (!HasSymbol)) {
     return FALSE;
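Review bot: the bounds test `(Index+2) <= (PasswordSize - 1)` in the added block depends on a subtraction from PasswordSize; `Index + 2 < PasswordSize` expresses the same bound without it and cannot wrap if PasswordSize is an unsigned type and ever zero. The two nested `if` statements can be merged into one condition, with spaces around `+` and each `==` comparison parenthesized inside the `&&`. The comparison is on raw character values, so a run that alternates case such as "aAa" still passes; if that is the intended rule, the function header comment should say so alongside the new requirement.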
-- 
2.39.1.windows.1


