Increase minimum password length for admin user

app/code/Magento/Security/Test/Mftf/ActionGroup/AdminResetPasswordActionGroup.xml

@@ -25,7 +25,7 @@
         <see userInput="The password entered for the current user is invalid. Verify the password and try again." stepKey="seeErrorMessage1"/>
         <fillField selector="{{AdminSystemAccountSection.newPassword}}" userInput="Admin@12345678" stepKey="enterPassword1"/>
         <fillField selector="{{AdminSystemAccountSection.passwordConfirmation}}" userInput="Admin@12345678" stepKey="confirmPassword1"/>
-        <fillField selector="{{AdminSystemAccountSection.currentPassword}}" userInput="123123aaa" stepKey="fillCorrectPassword"/>
+        <fillField selector="{{AdminSystemAccountSection.currentPassword}}" userInput="123123aaabbb" stepKey="fillCorrectPassword"/>
         <click selector="{{AdminMainActionsSection.save}}" stepKey="clickSaveUser2"/>
         <see selector="{{AdminMessagesSection.success}}" userInput="The password of this account has been modified successfully." stepKey="seeSuccessMessage"/>
 

app/code/Magento/Security/Test/Mftf/ActionGroup/AdminResetPasswordUsingOldPasswordActionGroup.xml

@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
  /**
-  * Copyright © Magento, Inc. All rights reserved.
-  * See COPYING.txt for license details.
+  * Copyright 2022 Adobe
+  * All Rights Reserved.
   */
 -->
 
@@ -12,8 +12,8 @@
         <annotations>
             <description>Reset password using old password on All Users page.</description>
         </annotations>
-        <fillField selector="{{AdminEditUserSection.passwordTextField}}" userInput="123123aaa" stepKey="enterPassword"/>
-        <fillField selector="{{AdminEditUserSection.pwConfirmationTextField}}" userInput="123123aaa" stepKey="confirmPassword"/>
+        <fillField selector="{{AdminEditUserSection.passwordTextField}}" userInput="123123aaabbb" stepKey="enterPassword"/>
+        <fillField selector="{{AdminEditUserSection.pwConfirmationTextField}}" userInput="123123aaabbb" stepKey="confirmPassword"/>
         <click selector="{{AdminEditUserSection.saveButton}}" stepKey="clickSaveUser"/>
         <waitForPageLoad stepKey="waitForPageLoad"/>
         <see userInput="This is a required field." stepKey="seeRequiredField"/>
@@ -22,8 +22,8 @@
         <waitForPageLoad stepKey="waitForPageLoad1"/>
         <scrollToTopOfPage stepKey="scrollToTopOfPage"/>
         <see userInput="The password entered for the current user is invalid. Verify the password and try again." stepKey="seeErrorMessage"/>
-        <fillField selector="{{AdminEditUserSection.passwordTextField}}" userInput="123123aaa" stepKey="enterPassword1"/>
-        <fillField selector="{{AdminEditUserSection.pwConfirmationTextField}}" userInput="123123aaa" stepKey="confirmPassword1"/>
+        <fillField selector="{{AdminEditUserSection.passwordTextField}}" userInput="123123aaabbb" stepKey="enterPassword1"/>
+        <fillField selector="{{AdminEditUserSection.pwConfirmationTextField}}" userInput="123123aaabbb" stepKey="confirmPassword1"/>
         <fillField selector="{{AdminEditUserSection.currentPasswordField}}" userInput="{{_CREDS.magento/MAGENTO_ADMIN_PASSWORD}}" stepKey="enterCurrentPassword"/>
         <click selector="{{AdminEditUserSection.saveButton}}" stepKey="clickSaveUser2"/>
         <waitForPageLoad stepKey="waitForPageLoad2"/>

app/code/Magento/Security/Test/Mftf/Test/AdminOldPasswordRequiredToResetAdminPasswordTest.xml

@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
  /**
-  * Copyright © Magento, Inc. All rights reserved.
-  * See COPYING.txt for license details.
+  * Copyright 2022 Adobe
+  * All Rights Reserved.
   */
 -->
 
@@ -40,7 +40,7 @@
         <actionGroup ref="AdminLogoutActionGroup" stepKey="logoutFromAdmin"/>
         <actionGroup ref="AdminLoginActionGroup" stepKey="loginAsAdmin1">
             <argument name="username" value="$$createUser.username$$"/>
-            <argument name="password" value="123123aaa"/>
+            <argument name="password" value="123123aaabbb"/>
         </actionGroup>
         <actionGroup ref="AssertAdminSuccessLoginActionGroup" stepKey="seeSuccessLoginMessage"/>
         <actionGroup ref="AdminResetPasswordActionGroup" stepKey="resetPassword1"/>

app/code/Magento/User/Model/UserValidationRules.php

@@ -1,7 +1,7 @@
 <?php
 /**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2015 Adobe
+ * All Rights Reserved.
  */
 
 namespace Magento\User\Model;
@@ -24,7 +24,7 @@ class UserValidationRules
     /**
      * Minimum length of admin password
      */
-    public const MIN_PASSWORD_LENGTH = 7;
+    public const MIN_PASSWORD_LENGTH = 12;
 
     /**
      * Adds validation rule for user first name, last name, username and email

app/code/Magento/User/Test/Mftf/Data/UserData.xml

@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
  /**
-  * Copyright © Magento, Inc. All rights reserved.
-  * See COPYING.txt for license details.
+  * Copyright 2017 Adobe
+  * All Rights Reserved.
   */
 -->
 
@@ -21,8 +21,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123q</data>
-        <data key="password_confirmation">123123q</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="is_active">true</data>
@@ -34,8 +34,8 @@
         </array>
     </entity>
     <entity name="AdminUserWithUpdatedUserRoleToSales" extends="NewAdminUser">
-        <data key="password">123123qA</data>
-        <data key="password_confirmation">123123qA</data>
+        <data key="password">123123qA1234</data>
+        <data key="password_confirmation">123123qA1234</data>
         <data key="role">{{roleSales.rolename}}</data>
     </entity>
 
@@ -44,8 +44,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123QA</data>
-        <data key="password_confirmation">123123QA</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="is_active">true</data>
@@ -61,8 +61,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123q</data>
-        <data key="password_confirmation">123123q</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="is_active">true</data>
@@ -78,8 +78,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123QA</data>
-        <data key="password_confirmation">123123QA</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="is_active">true</data>
@@ -98,15 +98,15 @@
         <data key="username" unique="suffix">admin</data>
         <data key="firstName">John</data>
         <data key="lastName">Smith</data>
-        <data key="password">admin123</data>
+        <data key="password">admin@123456</data>
     </entity>
     <entity name="Admin3" type="user">
         <data key="username" unique="suffix">admin3</data>
         <data key="firstname">admin3</data>
         <data key="lastname">admin3</data>
         <data key="email" unique="prefix">admin3WebUser@example.com</data>
-        <data key="password">123123q</data>
-        <data key="password_confirmation">123123q</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="is_active">true</data>
         <data key="current_password">123123q</data>
@@ -129,8 +129,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123q</data>
-        <data key="password_confirmation">123123q</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="is_active">true</data>
@@ -150,8 +150,8 @@
         <data key="firstname" unique="suffix">FirstName</data>
         <data key="lastname" unique="suffix">LastName</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123q</data>
-        <data key="password_confirmation">123123q</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="current_password">{{_ENV.MAGENTO_ADMIN_PASSWORD}}</data>
@@ -166,8 +166,8 @@
         <data key="firstname" unique="suffix">FirstName</data>
         <data key="lastname" unique="suffix">LastName</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123q</data>
-        <data key="password_confirmation">123123q</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="interface_local">en_US</data>
         <data key="interface_local_label">English (United States)</data>
         <data key="current_password">{{_ENV.MAGENTO_ADMIN_PASSWORD}}</data>
@@ -188,8 +188,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123QA</data>
-        <data key="password_confirmation">123123QA</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="current_password">{{_ENV.MAGENTO_ADMIN_PASSWORD}}</data>
         <data key="role">Administrators</data>
         <array key="roles">
@@ -201,8 +201,8 @@
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
-        <data key="password">123123UPD</data>
-        <data key="password_confirmation">123123UPD</data>
+        <data key="password">1234512345q!</data>
+        <data key="password_confirmation">1234512345q!</data>
         <data key="current_password">{{_ENV.MAGENTO_ADMIN_PASSWORD}}</data>
         <array key="roles">
             <item>1</item>

app/code/Magento/User/Test/Unit/Controller/Adminhtml/User/DeleteTest.php

@@ -201,19 +201,19 @@ public static function executeDataProvider()
     {
         return [
             [
-                'currentUserPassword' => '123123q',
+                'currentUserPassword' => '1234512345q!',
                 'userId'              => 1,
                 'currentUserId'       => 2,
                 'resultMethod'        => 'addSuccess',
             ],
             [
-                'currentUserPassword' => '123123q',
+                'currentUserPassword' => '1234512345q!',
                 'userId'              => 0,
                 'currentUserId'       => 2,
                 'resultMethod'        => 'addError',
             ],
             [
-                'currentUserPassword' => '123123q',
+                'currentUserPassword' => '1234512345q!',
                 'userId'              => 1,
                 'currentUserId'       => 1,
                 'resultMethod'        => 'addError',

dev/tests/api-functional/config/install-config-mysql.php.dist

@@ -2,8 +2,8 @@
 /**
  * Magento console installer options for Web API functional tests. Are used in functional tests bootstrap.
  *
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2015 Adobe
+ * All Rights Reserved.
  */
 return [
     'language'                     => 'en_US',
@@ -21,7 +21,7 @@ return [
     'admin-firstname'              => 'Admin',
     'admin-email'                  => 'admin@example.com',
     'admin-user'                   => 'admin',
-    'admin-password'               => '123123q',
+    'admin-password'               => '1234512345q!',
     'admin-use-security-key'       => '0',
     /* PayPal has limitation for order number - 20 characters. 10 digits prefix + 8 digits number is good enough */
     'sales-order-increment-prefix' => time(),

dev/tests/integration/etc/install-config-mysql.php.dist

@@ -1,13 +1,13 @@
 <?php
 /**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2011 Adobe
+ * All Rights Reserved.
  */
 
 return [
     'db-host' => 'localhost',
     'db-user' => 'root',
-    'db-password' => '123123q',
+    'db-password' => '1234512345q!',
     'db-name' => 'magento_integration_tests',
     'db-prefix' => '',
     'backend-frontname' => 'backend',

dev/tests/integration/framework/Magento/TestFramework/Bootstrap.php

@@ -1,7 +1,7 @@
 <?php
 /**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2011 Adobe
+ * All Rights Reserved.
  */
 
 namespace Magento\TestFramework;
@@ -15,7 +15,7 @@ class Bootstrap
      * Predefined admin user credentials
      */
     public const ADMIN_NAME = 'user';
-    public const ADMIN_PASSWORD = 'password1';
+    public const ADMIN_PASSWORD = 'password1234';
     public const ADMIN_EMAIL = 'admin@example.com';
     public const ADMIN_FIRSTNAME = 'firstname';
     public const ADMIN_LASTNAME = 'lastname';

dev/tests/integration/testsuite/Magento/User/Model/UserTest.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright 2015 Adobe
+ * Copyright 2012 Adobe
  * All Rights Reserved.
  */
 
@@ -394,11 +394,11 @@ public function testBeforeSavePasswordHash()
         )->setEmail(
             'jdoe@example.com'
         )->setPassword(
-            '123123q'
+            '1234512345q!'
         );
         $this->_model->save();
         $this->assertStringNotContainsString(
-            '123123q',
+            '1234512345q!',
             $this->_model->getPassword(),
             'Password is expected to be hashed'
         );
@@ -488,9 +488,9 @@ public function testBeforeSaveValidationSuccess()
         )->setEmail(
             'jdoe@example.com'
         )->setPassword(
-            '1234abc'
+            '1234512345q!'
         )->setPasswordConfirmation(
-            '1234abc'
+            '1234512345q!'
         );
         $this->_model->save();
     }

dev/tests/js/jasmine/tests/lib/mage/validation.test.js

@@ -413,7 +413,7 @@ define([
             expect($.validator.methods['validate-admin-password']
                 .call($.validator.prototype, '   ')).toEqual(true);
             expect($.validator.methods['validate-admin-password']
-                .call($.validator.prototype, '123@123.com')).toEqual(true);
+                .call($.validator.prototype, '1234@123.com')).toEqual(true);
             expect($.validator.methods['validate-admin-password']
                 .call($.validator.prototype, 'abc')).toEqual(false);
             expect($.validator.methods['validate-admin-password']

dev/tests/setup-integration/etc/install-config-mysql.php.dist

@@ -1,7 +1,7 @@
 <?php
 /**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2017 Adobe
+ * All Rights Reserved.
  */
 
 return [
@@ -14,7 +14,7 @@ return [
         'db-prefix' => '',
         'backend-frontname' => 'admin',
         'admin-user' => 'admin',
-        'admin-password' => '123123q',
+        'admin-password' => '1234512345q!',
         'admin-email' => \Magento\TestFramework\Bootstrap::ADMIN_EMAIL,
         'admin-firstname' => \Magento\TestFramework\Bootstrap::ADMIN_FIRSTNAME,
         'admin-lastname' => \Magento\TestFramework\Bootstrap::ADMIN_LASTNAME,

lib/web/mage/validation.js

@@ -1,6 +1,6 @@
 /**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2012 Adobe
+ * All Rights Reserved.
  */
 
 define([
@@ -685,13 +685,13 @@ define([
                     return false;
                 }
 
-                if (pass.length < 7) {
+                if (pass.length < 12) {
                     return false;
                 }
 
                 return true;
             },
-            $.mage.__('Please enter 7 or more characters, using both numeric and alphabetic.')
+            $.mage.__('Please enter 12 or more characters, using both numeric and alphabetic.')
         ],
         'validate-customer-password': [
             function (v, elm) {