Bug 5837 A limit of 20 chars for the administrator password has been implemented in the current, new workspace interface and a message clarifying the limit too. Also in the web service create user method, a new response has been added in order to prevent the creation of users with passwords above the 20 characters.

workflow/engine/classes/class.wsBase.php

@@ -814,6 +814,11 @@ class wsBase
          return $result;
       }
 
+      if(strlen($password)>20)
+      {  $result = new wsCreateUserResponse (28, "Password surprases the maximun length allowed", '');
+         return $result;
+      }
+
       global $RBAC;
       $RBAC->initRBAC();
 

workflow/engine/xmlform/login/newSite.xml

@@ -28,10 +28,10 @@
 <NW_USERNAME type="text" size="30" maxlength="32" validate="Email" defaultValue="admin" style="width:100%;">
   <en>Username:</en>
 </NW_USERNAME>
-<NW_PASSWORD type="password" size="30" maxlength="32" validate="Any" defaultValue="admin" style="width:100%;">
-  <en>Password (admin):</en>
+<NW_PASSWORD type="password" size="30" maxlength="20" validate="Any" defaultValue="admin" style="width:100%;">
+  <en>Password (admin) <![CDATA[<br>]]> (Max. length 20):</en>
 </NW_PASSWORD>
-<NW_PASSWORD2 type="password" size="30" maxlength="32" validate="Any" defaultValue="admin" style="width:100%;">
+<NW_PASSWORD2 type="password" size="30" maxlength="20" validate="Any" defaultValue="admin" style="width:100%;">
   <en>Re-type Password:</en>
 </NW_PASSWORD2>
 <ACTION type="hidden" defaultValue="test"/>