Issue: Password Minimum Length Requirement Missing on Signup Page

[Krishna3451]

Summary

The signup page currently allows users to create a password of length 1. This poses a security risk as such short passwords are vulnerable to attacks, reducing the overall account security for users.

Steps to Reproduce

1. Navigate to the signup page.
2. Attempt to create an account using a password that is only 1 character long.
3. Observe that the system accepts the password and allows the account creation to proceed.

Expected Behavior

The system should enforce a minimum password length requirement (e.g., 8 characters) to ensure adequate security. A validation error should appear if a user attempts to enter a password shorter than this length, preventing account creation.

Actual Behavior

The signup page accepts passwords of any length, including those as short as one character, and allows the account creation to proceed without warning or error.

Recommended Solution

• Implement a minimum password length validation on the signup page.
• Display an error message if a user enters a password shorter than the required minimum length (e.g., "Password must be at least 8 characters long").
• Consider additional password strength validations to encourage the use of complex passwords.

[Krishna3451]

@harshmangalam I would love to work on this issue.

[harshmangalam]

@Krishna3451 assigned to you