This repository has been archived by the owner on Oct 24, 2021. It is now read-only.

Block weak passwords #65

Open

e2jk opened this issue Jun 6, 2020 · 0 comments

Labels

Owner

e2jk commented Jun 6, 2020

Follow-up on #62 (which just handled the password length).
From the OWASP Authentication Cheat Sheet

Include password strength meter to help users create a more complex password and block common and previously breached passwords

zxcvbn library can be used for this purpose. (Note that this library is no longer maintained)

Pwned Passwords is a service where passwords can be checked against previously breached passwords. You can host it yourself or use API.

e2jk added the security label

e2jk mentioned this issue

Stronger password requirements #62

Closed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.