aA1! is considered a strong password in the mobile app, but displayed as very weak in the desktop app.
User Story
As a user, I want to see useful password strength suggestions while creating a profile so that I am more likely to not use terrible passwords.
Notes:
Password strength validation does not block the user from creating a profile. The only mandatory validation is the password length between 10 and 100 characters.
It is better to use a good password manager to generate passwords and not rely on password strength validation.
Many users will still use personal information in their passwords and those will still pass the strength checks.
Acceptance Criteria
Identical password strength validation rules as the desktop app nightly.
The developer should document in this issue or in a PR the password strength rules (from the desktop app) so that QAs don't need to redo the same analysis.
Feature Issue
Although there are good reasons to not even bother with using a password strength validator, the mobile implementation is out of sync with the desktop app and we want to keep clients in sync if possible. Original discussion https://github.com/status-im/status-mobile/pull/21593#issuecomment-2464427178
Example of bad suggestion to users:
aA1!is considered astrongpassword in the mobile app, but displayed asvery weakin the desktop app.User Story
As a user, I want to see useful password strength suggestions while creating a profile so that I am more likely to not use terrible passwords.
Notes:
Acceptance Criteria