langleyfoxall / laravel-nist-password-rules

🔒 Laravel validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.
GNU Lesser General Public License v3.0
208 stars 49 forks source link

single dictionary words #34

Closed munkiepus closed 3 years ago

munkiepus commented 4 years ago

Hi

while testing, managed to create a password of telephone134 - Should this be allowed? It's a single dictionary word or does the addition of non-sequential chars make that ok?

Thanks

DivineOmega commented 3 years ago

It's correct that this password passes the rules.

telephone on it's own should fail.

Feel free to open a new issue if you think you've found a case of the rules not working correctly.