Monica: Enforce strong passwords

Created on 21 Aug 2018 · 2 Comments · Source: monicahq/monica

Currently, the only limitation for passwords is: they have to be 6 characters long.

We should enforce password strength by forcing the user to:

  • mix case characters
  • add numbers
  • add special characters (symbols)

We could add this package and make sure we enforce strong passwords: https://github.com/schuppo/PasswordStrengthPackage

feature request help wanted security

All 2 comments

Ideally, you would explain why we need this in the body of your issue, so we can discuss the feature itself.

Have a look at https://github.com/dropbox/zxcvbn. The library avoids some of the mistakes of common "strength meters", which often classify "Password&1" as strong (Lowercase, uppercase, more than 8 chars, special char, number).
The static hash list from haveibeenpwned is another good idea.
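
The point raised in the comments above, as an added example (not code from Monica, zxcvbn or haveibeenpwned): a composition-rule check like the one proposed accepts "Password&1", while a breached-hash lookup and a dictionary check that strips predictable decoration reject it. The word list, hash set, function names and sample passwords are constructed assumptions, and the dictionary check is a much-simplified stand-in for what zxcvbn does.

```python
import hashlib
import re

# Constructed sample data (assumption): a deployment would load the full
# haveibeenpwned SHA-1 list and a large dictionary, not these few entries.
COMMON_WORDS = {"password", "welcome", "monica", "qwerty", "letmein"}
BREACHED_SHA1 = {hashlib.sha1(p.encode("utf-8")).hexdigest().upper()
                 for p in ("Password&1", "123456", "qwerty")}
# Typical character substitutions, undone before the dictionary lookup.
LEET = str.maketrans("@4301$5!7", "aaeoissit")
MIN_LEN = 6  # the current minimum mentioned in the issue


def composition_ok(pw):
    """Composition rules as proposed: mixed case, a digit and a symbol."""
    return (
        len(pw) >= MIN_LEN
        and any(c.islower() for c in pw)
        and any(c.isupper() for c in pw)
        and any(c.isdigit() for c in pw)
        and any(not c.isalnum() for c in pw)
    )


def base_word(pw):
    """Strip trailing digits/symbols, lowercase, and undo substitutions."""
    return re.sub(r"[\d\W_]+$", "", pw).lower().translate(LEET)


def is_breached(pw):
    """Look the password's SHA-1 up in the (constructed) breached set."""
    return hashlib.sha1(pw.encode("utf-8")).hexdigest().upper() in BREACHED_SHA1


def check_password(pw):
    """Return the reasons to reject pw; an empty list means accept."""
    reasons = []
    if len(pw) < MIN_LEN:
        reasons.append("too short")
    if is_breached(pw):
        reasons.append("found in breached-password list")
    if base_word(pw) in COMMON_WORDS:
        reasons.append("common word with predictable decoration")
    return reasons


if __name__ == "__main__":
    for candidate in ("Password&1", "P@ssw0rd2018!", "vivid lantern mosaic orbit"):
        print(candidate, composition_ok(candidate), check_password(candidate))
```

The constructed passphrase fails the composition rules but passes both list checks, while both decorated variants of "password" pass the composition rules and are rejected by the list checks.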
