Password validation changes #5

New issue

Open

opened 2025-11-13 09:14:12 +00:00 by arne · 0 comments

arne commented 2025-11-13 09:14:12 +00:00

Owner

Copy link

• only validate minimum password length, not anything else (so NO checks for capital/lowercase/number/special chars/etc) -> this reflects modern security standards
• if we check in the frontend, make sure we also check in the backend (general principle: check things in the backend first, then we can consider frontend)
• make minimum password length configurable (config/get :password/minimum-length)

- [ ] only validate minimum password length, not anything else (so NO checks for capital/lowercase/number/special chars/etc) -> this reflects modern security standards - [ ] if we check in the frontend, make sure we also check in the backend (general principle: check things in the backend first, then we can consider frontend) - [ ] make minimum password length configurable `(config/get :password/minimum-length)`

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

laurence/issue-5

arne/test-infra

No results found.

Labels

Clear labels   

bug

A defect that needs fixing

  

small

Little things that can be fixed trivially, best to batch these up

No labels

bug

small

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

gaiwan/Oak#5

No description provided.