Closed BrutBurger closed 10 months ago
@twalen That is exactly what I pointed out. I even gave them an example of quo8UaQuie3Mie9ahwoo
and O1impi@da
. It is all about possible combinations and entropy. Enforcing use of special characters lowers no of possible password. Unfortunately changing to sensible requirements would mean altering the official policy and arguing with GDPR officer.
According to FRI privacy policy passwords needs to have:
This PR covers that issue. For it to work, the following needs to be added to the settings.py:
AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", "OPTIONS": { "min_length": 8, }, }, {'NAME': 'oioioi.base.validators.NumberValidator', }, {'NAME': 'oioioi.base.validators.UppercaseValidator', }, {'NAME': 'oioioi.base.validators.LowercaseValidator', }, {'NAME': 'oioioi.base.validators.SymbolValidator', }, ]