Closed HDVinnie closed 5 years ago
Add validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.
NIST Password Rules implements the following recommendations.
These rules will be checked against the following functions:
Register Login Change Password (No Auth Forgot Password, Authed Update Password, Staff Force Update Password Tool)
While UNIT3D does offer a hashing algorithm of Bcrypt or Argon2 for passwords this does not stop users from using stupid passwords!
Closed in #841
Issue Type
Add validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.
NIST Password Rules implements the following recommendations.
These rules will be checked against the following functions:
Register Login Change Password (No Auth Forgot Password, Authed Update Password, Staff Force Update Password Tool)
While UNIT3D does offer a hashing algorithm of Bcrypt or Argon2 for passwords this does not stop users from using stupid passwords!