Amplify-js: <amplify-authenticator> password weakness warning is unclear
Is your feature request related to a problem? Please describe.
When a user is creating an account and enters a password that is too short, an unclear error message is shown in certain cases. Say the minimum length you have set in Cognito is 8 characters. If a users tries to create an account with fewer than 6 characters, the error message shown is something like:
1 validation error detected: Value at 'password' failed to satisfy constraint: Member must have length greater than or equal to 6
However, if the password entered by the user is 6 or more characters, but shorter than the minimum length set in Cognito, something like the following error message shows up:
Password did not conform with policy: Password not long enough
Describe the solution you'd like
This is misleading, it would be great to have something similar to the first error message for all cases where the password is not long enough. I checked, and this is not available in the response sent by Cognito, so perhaps it could be added as a field in the signUpConfig.
Describe alternatives you've considered
The only alternative I can think of is to build my own UI component.
Additional context
The prebuilt component is awesome, so I'd love to keep using it!
holtc
All 4 comments
@holtc - I think configurable error messages are a good idea. However, I think this shouldn't be done in a one-off fashion. We should implement a generic way of configuring ANY of the error messages.
haverchuck
on 26 Dec 2018
Confirming that we see this too. The errors are pretty inconsistent and confusing. Here are some examples of what we see with cognito's default recommended constraints:
- Minimum length
8
Require numbers
Require special character
Require uppercase letters
Require lowercase letters
Attempting 1:
2 validation errors detected: Value at 'password' failed to satisfy constraint: Member must have length greater than or equal to 6; Value at 'password' failed to satisfy constraint: Member must satisfy regular expression pattern: ^[\S]+.*[\S]+$
Attempting 12, 123, 1234, 12345:
1 validation error detected: Value at 'password' failed to satisfy constraint: Member must have length greater than or equal to 6
Attempting 123456 or 1234567
Password did not conform with policy: Password not long enough
Attempting 12345678
Password did not conform with policy: Password must have lowercase characters
lsirivong
on 11 Mar 2019
It would be nice to display the password policies on the signUp page, and check them as the user is typing the password.
madmed88
on 16 May 2019
FYI, we have started an RFC discussion for a proposed Amplify UI Component refactor to increase customizability and flexibility for our components. Please feel free to add any additional comments to the following issue:
3279
jordanranz
on 22 May 2019
Related issues
cgarvis
路
3Comments
shinnapatthesix
路
3Comments
romainquellec
路
3Comments
TheRealRed7
路
3Comments
oste
路
3Comments
Most helpful comment
It would be nice to display the password policies on the signUp page, and check them as the user is typing the password.