Broken signup password validation
Closed this issue · 2 comments
PauloASilva commented
According to the error message, password should meet the following requirements: "Password should contain at least one digit, one small letter and one capital letter and should at least contain 8 characters."
Password is validated using the following regular expression: /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,16}$/.
Although the regular expression used matches A123456c as a valid password, it fails for A123456ç.
We can either change password requirements/error message or fix validation.
OWASP Password Strength Test is something we can use to address the latter.
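The mismatch reported in the comment above, as an added example that is not part of the issue thread or the project's code: it splits the quoted regular expression into named rules so each failure can be reported, and compares the ASCII-only character classes with Unicode-aware ones. The helper and rule names are hypothetical and the sample passwords are constructed. Note that the quoted regex also caps length at 16, which the error message does not mention.

```javascript
// Added example; helper and rule names are hypothetical, not from the project.
const ORIGINAL = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,16}$/; // regex quoted in the issue

// ASCII-only rules: the same character classes the original regex uses,
// split up so that each failed requirement can be reported by name.
const asciiRules = {
  checks: { digit: /\d/, lower: /[a-z]/, upper: /[A-Z]/ },
  length: (s) => s.length, // UTF-16 code units, as `.{8,16}` counts without the u flag
};

// Unicode-aware rules: \p{Ll} / \p{Lu} accept lower/upper case letters of any script.
const unicodeRules = {
  checks: { digit: /\d/, lower: /\p{Ll}/u, upper: /\p{Lu}/u },
  length: (s) => Array.from(s).length, // code points
};

// Returns the names of the requirements the password does not meet.
function failedRules(password, rules, min = 8, max = 16) {
  // Normalize first so "c" + combining cedilla and precomposed "ç" are
  // judged identically, however the client encoded the character.
  const pw = password.normalize('NFC');
  const failed = Object.keys(rules.checks).filter((k) => !rules.checks[k].test(pw));
  const n = rules.length(pw);
  if (n < min) failed.push('minLength');
  if (n > max) failed.push('maxLength');
  return failed;
}

// Constructed sample passwords; \u00e7 is the precomposed "ç".
for (const pw of ['A123456c', 'A123456\u00e7', 'Abcdefgh123456789']) {
  console.log(
    JSON.stringify(pw),
    'original regex:', ORIGINAL.test(pw),
    'ascii failures:', failedRules(pw, asciiRules),
    'unicode failures:', failedRules(pw, unicodeRules)
  );
}
```

Without normalization the original regex accepts the decomposed form of the same password (A123456c followed by U+0327), because the bare c satisfies [a-z], so the visible string passes or fails depending on its encoding.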
progshubham01 commented
I will be taking this up @progshubham01
nikhil-rajesh commented
Fixed password validation message in #165