search

discuitnet / discuit

A free and open-source community discussion platform.
https://discuit.net
GNU Affero General Public License v3.0
385 stars 40 forks source link

Feature: entropy based password required #65

Open Codycody31 opened 2 months ago

Codycody31 commented 2 months ago

closes #47

Makes use of https://github.com/wagslane/go-password-validator with a default minimum entropy of 60. This is mainly to prevent people from using standard weak passwords. However, if https://github.com/nbutton23/zxcvbn-go that could probably be used also, I just don't know how to.

previnder commented 2 months ago

@Codycody31 Could you update the PR to make the password requirement optional? Read the recent discussion in #47.

Codycody31 commented 2 months ago

@previnder, just fixed it, now has an optional config key that defaults to false for the usage of password entropy.