Open joshsweaney opened 10 years ago
keitharm
commented
10 years ago Currently, the list of passwords are from the top 10,000 passwords list - https://xato.net/passwords/more-top-worst-passwords/
I'm not sure how we would implement the special character passwords. Would we mix a few hundred random special character passwords into the list for them to be chosen?
Maybe in the future, there can be a $_GET parameter that requests only special character passwords?
joshsweaney
commented
10 years ago Ah I see! Not a bad strategy, but testing forms can't always assume the majority case.
A great feature I think, would be a GET parameter that allows different types of passwords to be returned, i.e. "alpha", "numeric", "alpha-numeric", "alpha-numeric-specialchars" or whatever you choose to call each group. Sure, these could easily be tested manually, but adding them would give the API more ... completeness
The main reason I can see the password element being used, is to test the validation of password input fields on a form. In many cases, it is necessary to test that correct validation takes place for special characters, numbers etc. Adding more "random" looking passwords would be a good idea I think.