Erroneous Password Strength Warning

[PC-Admin]

Requirements

• [X] This is a bug report, and if not, please post to https://lemmy.ml/c/lemmy_support instead.
• [X] Please check to see if this issue already exists.
• [X] It's a single bug. Do not report multiple bugs in one issue.
• [X] It's a frontend issue, not a backend issue; Otherwise please create an issue on the backend repo instead.

Summary

I plug a 20 digit random alpha-numeric password into the registration form (Which is unbreakable and should be considered a strong password.) and it reports that this is a "Weak" password.

This is just a minor bug really and should be considered low priority.

Steps to Reproduce

1. Attempt to register an account on Lemmy.
2. Drop an unbreakable 20 digit alpha-numeric password (for example: "7D363rbBhGDbZNQccNhX").
3. Witness the "Weak" warning.

Technical Details

Debian 12 Firefox

Lemmy Instance Version

0.17.3

Lemmy Instance URL

https://lemmy.perthchat.org

[lionirdeadman]

The example password appears to be treated as medium on beehaw.org

[PC-Admin]

Indeed, on a second attempt I get 'Medium' as well.

It's still inaccurate IMO, a 20 digit alpha-numeric like the example I gave would be a 'Very Strong' password technically.

[willhansen]

It looks like the strength is based on length and special characters

https://github.com/LemmyNet/lemmy-ui/blob/8b478e971244321048818c95df00198cb445dba9/src/shared/components/home/signup.tsx#L24

https://www.npmjs.com/package/check-password-strength