Give a proper Password Validation Error Message instead of mentioning it as string

Infisical / infisical

♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

https://infisical.com

Other

15.78k stars 989 forks source link

Give a proper Password Validation Error Message instead of mentioning it as string #2524

Open Gopakuma opened 1 month ago

Gopakuma commented 1 month ago

Feature description

Give a meaningful validation error message for use, when password validation fails

Why would it be useful?

It would be more user friendly

Additional context

Check all form validation error [messages]( Screenshot 2024-10-02 182845 )

Gopakuma commented 1 month ago

I could help to change this. Thanks

neutrino2211 commented 3 weeks ago

Personally don't think this is the best idea because it can lead to credential enumeration. See CWE-209