Opened 27 hours ago
Closed 17 hours ago
#36180 closed New feature (wontfix)
Consider adding repeated pattern password validator
| Reported by: | Michel Le Bihan | Owned by: | |
|---|---|---|---|
| Component: | contrib.auth | Version: | dev |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
Hello,
Currently the password validators in Django will happily accept aaaaaaaaaaaa ('a' * 12) as a password. I believe that adding a password validator that checks for repeated patterns would vastly improve password complexity. The implementation of such a validator is very simple:
import re repeat_matcher = re.compile(r'(.+?)\1+') match = repeat_matcher.match(password) repeat_cnt = len(match.group(0)) // len(match.group(1)) - 1 if match else 0
repeat_cnt for alaalaala should be 2.
Note:
See TracTickets
for help on using tickets.
Hi Michel,
As you are suggesting a new feature for Django, you first need to propose and discuss the idea with the community and gain consensus. To do that, please consider starting a new conversation on the Django Forum, where you'll reach a broader audience and receive additional feedback.
I'll close the ticket for now, but if the community agrees with the proposal, please return to this ticket and reference the forum discussion so we can re-open it. For more information, please refer to the documented guidelines for requesting features.