Update Authentication.yaml with Password Complexity Restrictions

consumer-reports-innovation-lab / TheDigitalStandard

The Digital Standard is an ambitious, community-led effort to build a framework to test and rate products and services on the basis of privacy, security, and data practices.

Creative Commons Attribution 4.0 International

128 stars 46 forks source link

Update Authentication.yaml with Password Complexity Restrictions #145

Closed rayeschiller closed 4 years ago

rayeschiller commented 4 years ago

Passwords should require 1 capital letter, 1 number, and 1 symbol.

cody-f commented 4 years ago

Thank you for the suggestion. In the current Digital Standard, we evaluate if the authentication system force user to set up a complex password. "1 capital letter, 1 number, and 1 symbol" could be one kind of situation that met the requirement. So, it overlaps with another indicator. @billfitzg @mrerecich