Description
The VCS Password exists in Phabricator to prevent users from exposing their sensitive credentials when running git commands, or on the Phabricator server itself (e.g. in the output of ps aux). It would be great if, when a user sets their VCS Password, Phabricator would check the new password and make sure it does not match the LDAP password (try to do an LDAP auth). If it does match, prevent the user from setting the VCS Password.
Related Objects
- Mentioned Here
- T13043: Improve authentication revocation behaviors
Event Timeline
This is via discussion on IRC, but the request captures it pretty well.
We already check against the Phabricator password, but could additionally check against other password-based authentication sources.
Password management is in good shape after T13043, and this would now be fairly easy to implement in a general way by adding a check in PhabricatorAuthPasswordEngine->isUniquePassword().
There's currently no modularity around password engines and this request generally feels like a large amount of complexity for a very marginal benefit -- requiring unique passwords is relatively marginal in the first place. I don't think the complexity is worthwhile, and we don't have any adjacent requests to help justify the complexity, so I'm not inclined to pursue it in the upstream.
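A sketch of the uniqueness check proposed in the description, added here as an example and not Phabricator's own code (Phabricator is PHP; Python is used so the logic can be run stand-alone). The candidate VCS password is compared against the account's primary password hash and used in a bind attempt against the directory; the hash routine, the bind callable, the fail-closed handling of an unreachable directory and the sample directory contents are assumptions constructed for the example.

```python
import hashlib
import hmac
from typing import Callable, List


class LdapUnavailable(Exception):
    """Raised by the bind callable when the directory cannot be reached."""


def hash_password(password: str, salt: bytes) -> bytes:
    """scrypt hash standing in for the stored primary-password hash (assumed)."""
    return hashlib.scrypt(password.encode(), salt=salt, n=2 ** 14, r=8, p=1)


def conflicting_sources(
    username: str,
    candidate: str,
    salt: bytes,
    primary_hash: bytes,
    ldap_bind: Callable[[str, str], bool],
) -> List[str]:
    """Names of password-based auth sources the candidate VCS password also
    satisfies; an empty list means it is unique and may be set.

    "primary": the account's own password, compared by hash in constant time.
    "ldap":    a simple bind against the directory with the candidate.
    If the directory is unreachable the check is incomplete, so the error is
    propagated and the caller should refuse the new password (fail closed).
    """
    conflicts = []
    if hmac.compare_digest(hash_password(candidate, salt), primary_hash):
        conflicts.append("primary")
    # A successful bind means the candidate is also the user's LDAP password.
    if ldap_bind(username, candidate):
        conflicts.append("ldap")
    return conflicts


# Constructed stand-in for a directory: username -> LDAP password.
_FAKE_DIRECTORY = {"alice": "ldap-Tr0ub4dor"}


def fake_ldap_bind(username: str, password: str) -> bool:
    """Simulated simple bind; a real deployment would use an LDAP client."""
    if username == "outage":  # constructed trigger for the unreachable case
        raise LdapUnavailable("directory unreachable")
    expected = _FAKE_DIRECTORY.get(username)
    return expected is not None and hmac.compare_digest(
        expected.encode(), password.encode())
```

Note that a bind attempt sends the candidate to the directory and counts as an authentication attempt there, so failed attempts may be subject to the directory's lockout policy.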