matrix-spec

mirror of https://github.com/matrix-org/matrix-spec synced 2026-03-26 21:14:09 +01:00

History

Nicolai Søborg 8891595554 Simplify password requirements A strong password is not necessary complex (https://xkcd.com/936/). Having arbitrary password requirements is a bit of a pain - we should rather push for 2FA / passwordless auth. I don't think this is a breaking change as it only change a "SHOULD" sentence. Any mismatch between clients / servers should still be 'spec complient' within the old text. ECP = Enforce Complex Password Client ECP - Server ECP: ✅ Client ECP - Server not-ECP: ✅ Client not-ECP - Server not-ECP: ✅ Client not-ECP - Server ECP: Potentially `M_WEAK_PASSWORD` which the client should already be able to handle. This change will probably make it easier to implement [MSC2000](https://github.com/matrix-org/matrix-spec-proposals/pull/2000/)	2022-09-15 12:44:45 +02:00
..
modules	Spec MSC2285: Private read receipts (#1216 )	2022-09-12 16:34:51 -06:00
_index.md	Simplify password requirements	2022-09-15 12:44:45 +02:00

Nicolai Søborg 8891595554

A strong password is not necessary complex (https://xkcd.com/936/). Having arbitrary password requirements is a bit of a pain - we should rather push for 2FA / passwordless auth. 

I don't think this is a breaking change as it only change a "SHOULD" sentence. Any mismatch between clients / servers should still be 'spec complient' within the old text.

ECP = Enforce Complex Password
Client ECP - Server ECP: ✅
Client ECP - Server not-ECP: ✅
Client not-ECP - Server not-ECP: ✅
Client not-ECP - Server ECP: Potentially `M_WEAK_PASSWORD` which the client should already be able to handle.

This change will probably make it easier to implement [MSC2000](https://github.com/matrix-org/matrix-spec-proposals/pull/2000/)

2022-09-15 12:44:45 +02:00

modules

Spec MSC2285: Private read receipts (#1216 )

2022-09-12 16:34:51 -06:00

_index.md

Simplify password requirements

2022-09-15 12:44:45 +02:00