Page MenuHome GnuPG

GnuPG, pinentry: Passphrase pattern error / warning does not match new logic
Closed, ResolvedPublic


As discussed in the office, the first feedback I have gotten about the new password rules is that the error message is confusing. It was intended for the pattern files which were dictonaries or rules for which a password was rejected.

But our new logic also has the rules for acceptable passwords. For such problems the current error message does not match.

My idea would be to use the configurable help string as the error, which we normally show as the tooltip. This way we could explain the password rules based on configuration.



Event Timeline

aheinecke triaged this task as Normal priority.Sep 23 2021, 12:15 PM
aheinecke created this task.
werner lowered the priority of this task from Normal to Low.Sep 2 2022, 3:13 PM

Can't we get them from the help.txt file? Putting a tooltip into the pattern file would be an option but needs substantial changes,

gpg-agent passes to pinentry a short and a long hint for the passphrase constraints (see constraints-hint-* in pinentry.texi). If these hints are set, then pinentry shows them even before the user has started to enter a passphrase. The error message can then simply be "Read the hint, stupid!". Just kidding, of course.

These hints are taken from the help.txt file.

I have introduced this hint exactly because it's impossible to describe the rules automatically.

I think we can close this issue. Ikloecker explained why. The hint comes from the help files and I think at the time I opened the issue I did not use the help messages.