mkhorasani / Streamlit-Authenticator

A secure authentication module to manage user access in a Streamlit application.
Other
1.67k stars 260 forks source link

More Specific Error on Bad Passwords #217

Open cameron-kranz opened 1 month ago

cameron-kranz commented 1 month ago

It would be nice if when registering, the form told you what the password requirements are, or said specifically what is wrong with the entered password if it doesn't meet the criteria because currently it just says "Password does not meet criteria". Also the strong passwords that apple generates (xxxxxx-xxxxxx-xxxxxx) aren't allowed because they can't have a -, so it would be nice if the criteria allowed them.

cameron-kranz commented 1 month ago

Also could you tell me what the criteria are because I checked the validator but I don't really understand the pattern matching thing it uses

mkhorasani commented 1 month ago

Also could you tell me what the criteria are because I checked the validator but I don't really understand the pattern matching thing it uses

The default criteria are as follows:

                                    - Between 8 and 20 characters long.
                                    - Contain at least one lowercase letter.
                                    - Contain at least one uppercase letter.
                                    - Contain at least one digit.
                                    - Contain at least one special character from [@$!%*?&].
mkhorasani commented 1 month ago

It would be nice if when registering, the form told you what the password requirements are, or said specifically what is wrong with the entered password if it doesn't meet the criteria because currently it just says "Password does not meet criteria". Also the strong passwords that apple generates (xxxxxx-xxxxxx-xxxxxx) aren't allowed because they can't have a -, so it would be nice if the criteria allowed them.

Excellent idea! I will look into this for the next release. By the way you can pass your own custom Validator object to the Authenticate class to implement this as well.

cameron-kranz commented 1 month ago

Nice, I will look into that!