Security: UI - Password Complexity Score

[PrabhakarThummalaDOL]

• [x] Set the Password Complexity Score to 5.
• [x] Show user friendly warning messages to the user.
• [x] Remove 'Good' word in the current existing check list.

[NathayaMDOL]

Below is the text for Password Complexity Help tooltip: A strong password consists of 8 or more characters (combination of letters, numbers and special characters like #,$,@ etc.). Strong passwords are case-sensitive and they do not contain common dictionary words. Show more

Below is the text for Password Complexity detailed help: Combine different types of characters Use a password with combination of uppercase and lowercase letters, numbers and special characters. Recommendations and examples Choose a word or phrase and use numbers and special characters instead of some letters. Examples: • "Department" becomes "Dep@r2m3nt" • "Interpretation" becomes "In2erpreT@t1on" • “I am awesome” becomes “I@mAwe$0m3” Do not use personal information Avoid creating passwords from info that others might know or could easily find out. Examples: • Your nickname or initials • The name of your child or pet • Important days or years like birthday, anniversary etc. • Your street name • Numbers from your address Do not use common words and patterns Avoid simple words, phrases, and patterns that are easy to guess. Examples: • Obvious words and phrases like "unitedstates" or "mypassword" • Sequences like "abcdefgh" or "12345678" • Keyboard patterns like "qwerty" or "qazwsxedc" Date patterns like “10112015”

Do not use any examples given above, like "Dep@r2m3nt" or "In2erpreT@t1on”

[NathayaMDOL]

Completed! The changes have been applied to all pages below

1. Manage Users page(Admin)
2. User Registration/Create an Account page
3. Reset Password page
4. Change Password page
5. Reactivate Account page

Here are the screenshots for password complexity section

1. The complexity div with the arrow checks

2. The “tool tip” with more details link

3. The actual details when clicked link “show more”.

[EStriegel]

@NathayaMDOL A couple minor changes -

• First sentence in the tool tip. Please change to, "A strong password consists of 8 or more characters, using a combination of letters, numbers and special characters."

• First sentence in show more. Please change to, "Use a password with combination of uppercase and lowercase letters, numbers and special characters (e.g. #@$&, etc.)."

• In the show more, please add a hard return before "Examples:" and delete the hard return between "Examples:" and the bullets. Should be completed for both occurrences. See example below:

  Use a password with combination of uppercase and lowercase letters, numbers and special characters (e.g. #@$&, etc.).

Examples:

• "Department" becomes ...
• "Interpretation" becomes ...

[NathayaMDOL]

The changes above have been performed and pushed to Dev.

[NathayaMDOL]

Here are the screenshots after changes above

[binwang89]

looks ok, move to closed