From 771e180aa3f3b37d149e70bc7dab5e98ed01676f Mon Sep 17 00:00:00 2001
From: jeessy2 <6205259+jeessy2@users.noreply.github.com>
Date: Sun, 18 Aug 2024 19:46:33 -0700
Subject: [PATCH] feat: Reduce password strength requirements (#1224)

---
 config/config.go | 4 ++--
 web/login.go     | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/config.go b/config/config.go
index 55c23de1d..e37e60340 100755
--- a/config/config.go
+++ b/config/config.go
@@ -205,9 +205,9 @@ func (conf *Config) ResetPassword(newPassword string) {
 
 // CheckPassword 检查密码
 func (conf *Config) CheckPassword(newPassword string) (hashedPwd string, err error) {
-	var minEntropyBits float64 = 50
+	var minEntropyBits float64 = 30
 	if conf.NotAllowWanAccess {
-		minEntropyBits = 25
+		minEntropyBits = 20
 	}
 	err = passwordvalidator.Validate(newPassword, minEntropyBits)
 	if err != nil {
diff --git a/web/login.go b/web/login.go
index a0db43c1f..3e28e5599 100755
--- a/web/login.go
+++ b/web/login.go
@@ -158,7 +158,7 @@ func loginUnlock() (minute uint32) {
 
 	go func(ticker *time.Ticker) {
 		for range ticker.C {
-			ld.failedTimes = 0
+			ld.failedTimes = 4
 			ticker.Stop()
 		}
 	}(ld.ticker)