Enforce minimal length for passwords

acipm / kibicara

Kibicara distributes text messages between different social media and messenger platforms

https://acipm.github.io/kibicara/

Other

2 stars 0 forks source link

Closed m-rey closed 4 years ago

m-rey commented 4 years ago

Passwords have to meet a minimal length requirement to improve security.

hagenest commented 4 years ago

What minimum would be sufficient? 8 may be kinda low if you don't force people to use special characters and/or upper and lower case.

You marked this as a good first issue, where should I find the method for registration? In admin.py?

m-rey commented 4 years ago

Afaik you shouldn't force people to use special characters or similar. NIST recommends a minimum length of 8 characters. See https://pages.nist.gov/800-63-3/sp800-63b.html#sec5

hagenest commented 4 years ago

wow, missclicks are real