/StrongPass

Middleware that validates passwords against a blacklist

Primary LanguageC#BSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

StrongPass

Middleware that validates passwords against a blacklist.

Getting started

Install the NuGet package into your ASP.NET Core application.

Package Manager

Install-Package StrongPass

.NET CLI

dotnet add package StrongPass

Usage

  1. Register StrongPass in the ConfigureServices method of Startup.cs.
services.AddIdentity<ApplicationUser, IdentityRole>()
	.AddStrongPass<ApplicationUser>();
  1. Optionally configure the Code and Description properties of the IdentityError object and the passwords to blacklist.
services.AddIdentity<ApplicationUser, IdentityRole>()
	.AddStrongPass<ApplicationUser>(options =>
	{
		options.Code = "StrongPass";
		options.Description = "Password is not strong enough.";

		// Hard-coded blacklist.
		options.FromCollection(new[]
		{
			"password",
			"12345678"
		});

		// Loaded from file; one password per line.
		options.FromFile("blacklist.txt");
	});

The default password blacklist uses the top 1000 from SecLists.