Increase minimum password length for admin user

[torhoehn]

Description (*)

PCI 4.0 requires a minimal password length of 12 characters, so it has to be changed from 7 to 12.

Related Pull Requests

https://github.com/magento-gl/magento2ee/pull/538
https://github.com/magento-gl/magento2b2b/pull/254

Manual testing scenarios (*)

1. Change password of an existing admin account.
2. It should fail to change the password if less than 12 characters are used.

Contribution checklist (*)

• Pull request has a meaningful description of its purpose
• All commits are accompanied by meaningful commit messages
• All new or changed code is covered with unit/integration tests (if applicable)
• README.md files for modified modules are updated and included in the pull request if any README.md predefined sections require an update
• All automated tests passed successfully (all builds are green)

Resolved issues:

1. resolves [Issue] Increase minimum password length for admin user #39327: Increase minimum password length for admin user

[m2-assistant]

Hi @torhoehn. Thank you for your contribution!
Here are some useful tips on how you can test your changes using Magento test environment.
❗ Automated tests can be triggered manually with an appropriate comment:

• @magento run all tests - run or re-run all required tests against the PR changes
• @magento run <test-build(s)> - run or re-run specific test build(s)
  For example: @magento run Unit Tests

<test-build(s)> is a comma-separated list of build names.

Allowed build names are:

1. Database Compare
2. Functional Tests CE
3. Functional Tests EE
4. Functional Tests B2B
5. Integration Tests
6. Magento Health Index
7. Sample Data Tests CE
8. Sample Data Tests EE
9. Sample Data Tests B2B
10. Static Tests
11. Unit Tests
12. WebAPI Tests
13. Semantic Version Checker

You can find more information about the builds here
ℹ️ Run only required test builds during development. Run all test builds before sending your pull request for review.

---

For more details, review the Code Contributions documentation.
Join Magento Community Engineering Slack and ask your questions in #github channel.

[Morgy93]

This line also requires modification: Line 688 in validation.js.

Update: There’s an additional line that needs attention in the same file: Line 694.

[torhoehn]

This one needs to be changed as well: https://github.com/magento/magento2/blob/2.4-develop/lib/web/mage/validation.js#L688

Thanks for pointing out, I changed that file as well.

I will leave this PR as simple as it is, to hopefully get it merged fast. I will create another PR one on top of it, to make the values configurable (magento/community-features#333).

[sprankhub]

@torhoehn, you also need to update the error message mentioned by @Morgy93 earlier.

[ihor-sviziev]

I agree that it needs to be improved for admin users, but should it also be enforced for clients?

[torhoehn]

@torhoehn, you also need to update the error message mentioned by @Morgy93 earlier.

@sprankhub Ah sorry, I will change that as well.

I agree that it needs to be improved for admin users, but should it also be enforced for clients?

@ihor-sviziev I will check that. But to keep it as simple as possible I would like to create another PR for that, because I don't know how many changes will be needed for that.

[engcom-Hotel]

@magento create issue

[torhoehn]

@magento run all tests

[engcom-Hotel]

@magento run all tests

[engcom-Hotel]

Hello @torhoehn,

Thanks for the collaboration!

I think we can cover this change with an automated test, so please do the needful and also please fix the failed tests.

Thanks

[engcom-Charlie]

@magento run all tests

[engcom-Charlie]

@magento run all tests

[engcom-Charlie]

@magento run Functional Tests B2B, Functional Tests CE, Functional Tests EE

[engcom-Charlie]

@magento run Functional Tests B2B

[engcom-Charlie]

The Functional CE and EE test failures are not consistent in recent 2 builds. The failures are neither related to PR nor part of this PR.

Functional CE
Run 1:
https://public-results-storage-prod.magento-testing-service.engineering/reports/magento/magento2/pull/39319/14d7eaf285907946221dbe513bf0b107/Functional/allure-report-ce/index.html#categories

Run 2:
https://public-results-storage-prod.magento-testing-service.engineering/reports/magento/magento2/pull/39319/2aac4463e121be43e4e62c9f28e7783d/Functional/allure-report-ce/index.html#categories

Functional EE
Run 1:
https://public-results-storage-prod.magento-testing-service.engineering/reports/magento/magento2/pull/39319/857ccf3c51b35390da28ab3b4ed2ce26/Functional/allure-report-ee/index.html#categories

Run 2:
https://public-results-storage-prod.magento-testing-service.engineering/reports/magento/magento2/pull/39319/27564117678871934702a7438e158e4f/Functional/allure-report-ee/index.html#categories

Functional B2B

One of the Functional B2B test is not consistent in recent 2 builds. The other failing tests are known issues. The failures are neither related to PR nor part of this PR.

Run 1:
https://public-results-storage-prod.magento-testing-service.engineering/reports/magento/magento2/pull/39319/eb8713aaf894c42fa4a8cf491ec08408/Functional/allure-report-b2b/index.html#categories

Run 2
https://public-results-storage-prod.magento-testing-service.engineering/reports/magento/magento2/pull/39319/1c3a01b7d390704dcfe5461632a2230b/Functional/allure-report-b2b/index.html#categories/ff086893d1b2f6d93d2b926c3d303ab7/c0205ab6b87ad11b/

Known Issues:
AC-13447: StorefrontQuoteCanBeRenamedUntilLockedTest
ACQE-7594: AdminQuoteLevelPercentDiscountNotRemovedWhenDiscountCanBeDistributedTest

[engcom-Charlie]

Considering the approval JIRA for Static test failure as mentioned here, moving this PR to Merge in Progress now,

[engcom-Charlie]

@magento run all tests

[engcom-Hotel]

@magento run all tests

[engcom-Hotel]

@magento run Functional Tests B2B, Functional Tests CE, Functional Tests EE, Static tests, WebAPI Tests

[engcom-Hotel]

Moving it back to Changes Requested due to some failures in the automated builds.

[engcom-Hotel]

@magento run Functional Tests B2B, Functional Tests EE, Functional Tests CE

[engcom-Hotel]

@magento run Functional Tests B2B

[engcom-Hotel]

As the PR is already been tested, we can refer to this comment for testing comment: #39319 (comment)

Moving this PR in extended testing as Functional B2B is still failing.

@magento run Functional Tests B2B

[engcom-Hotel]

@magento run Functional Tests B2B

[engcom-Hotel]

Functional B2B failures seems does not related to this PR changes. Please refer to the below JIRA's where these failures will address:

[NO TESTCASEID]StorefrontVerifySearchTermEntityRedirectTest : https://jira.corp.adobe.com/browse/ACQE-7705
B2B-4518: https://jira.corp.adobe.com/browse/ACQE-7568
B2B-4476: https://jira.corp.adobe.com/browse/ACQE-7568

For Static test failure, we already have an approval. Hence moving this PR to Merge in progress.

Thanks

[engcom-Charlie]

Currently we are getting PAT failures on the mainline PR while trying to merge this PR. In order to proceed with this change, we need to make some updates on infrastructure and other repositories too. I have created internal JIRA for the same.

Once its done, I will resume the work on this PR. Till then moving it to On Hold.