[Mailman-Users] Moderator Passwords
Stephen J. Turnbull
stephen at xemacs.org
Tue Sep 2 03:37:33 CEST 2014
David Andrews writes:
> Then it never seems to work for them -- I end up changing password
> several times until it eventually seems to take.
It's not a matter of "taking". If you type the same password twice,
and get a page saying password is set, the password has already been
recorded. The password database is internal to Mailman, and the
system has been in use for nearly two decades with few problem reports
(except that it is *too* easy to use, and consequently insecure), so
we are very confident that it works as designed.
How are the moderators doing their task? Are they moderating via
email using the Approved header or are they logging in via the web
page?
> Ami I missing something? Are there restrictions on the
> password?
As far as I can tell, if you can type it, it can be used as a password
by Mailman, except that you can't have leading or trailing whitespace.
> Does the e-mail have restrictions or qualifications?
If the email can send and receive email, it's a valid moderator
identifier.
> Why is this always so difficult?
Except for actually remembering the password and accurately entering
it without seeing it, it is intended to be straightforward. Accurate
entry can be aided by choice of password so it fits the user's typing
rhythm, but that's up to you -- it decreases security to restrict
choice to easily remembered, easily typed passwords.
If it's "always" difficult, that implies a documentation problem. If
you can help us identify inaccurate or inadequate explanations, we
would be very grateful.
More information about the Mailman-Users
mailing list