From e27cd6fc491441c6fd08c9530d54e9bfaa96b0c8 Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Mon, 19 Jan 2026 16:05:26 +0100
Subject: [PATCH] simple password strength algorithmn takes length of password
 into account, if length is greater than 8

---
 CHANGELOG                         | 2 ++
 inc/inc.ClassPasswordStrength.php | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG b/CHANGELOG
index dd8bd1b83..3049fb42f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,8 @@
 - links to operations on folders/documents can be put into a dropdown menu
 - check for secure password when adding a new user
 - secure password check can be turned off for admins
+- simple password strength algorithmn takes length of password into account,
+  if length is greater than 8
 
 --------------------------------------------------------------------------------
                      Changes in version 5.1.44
diff --git a/inc/inc.ClassPasswordStrength.php b/inc/inc.ClassPasswordStrength.php
index ef45d6da8..8e26c41c8 100644
--- a/inc/inc.ClassPasswordStrength.php
+++ b/inc/inc.ClassPasswordStrength.php
@@ -63,7 +63,7 @@ class Password_Strength {
 			$score += 25;
 		if(preg_match('/[^0-9a-zA-Z]+/', $password))
 			$score += 25;
-		if($this->password_length < 8)
+//		if($this->password_length < 8)
 			$score *= ($this->password_length/8);
 
 		$this->password_info['total_score'] = $score;