
force strong passwords

From @nomoon: Some good thoughts here: https://nakedsecurity.sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/

TL;DR:

Minimum 8 characters, maximum 64+. Accept all ASCII/Unicode printable characters. If possible, check against a known-bad dictionary of passwords. No composition rules. No hints. No time-based password expiration policy.

https://github.com/cdli-gh/Framework/issues/52

Rules:

  1. Password length: 8 (min) to 256 (max) characters

Checklist

  • Implement the rules.
  • Test on the register page.

Resources

Edited by Émilie Pagé-Perron
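
One way to implement the rules above (8 to 256 characters, any printable ASCII/Unicode character, a known-bad list check, no composition rules), added here as an example and not code from the Framework project. The function name, the NFKC normalization step and the small blocklist are assumptions made for illustration.

```python
import unicodedata

MIN_LENGTH = 8     # from the issue's rule
MAX_LENGTH = 256   # from the issue's rule

# Constructed sample list; a deployment would load a large breached-password
# corpus instead of these few entries.
KNOWN_BAD = frozenset(
    {"password", "12345678", "qwertyuiop", "letmein123", "iloveyou1"}
)


def check_password(password, known_bad=KNOWN_BAD):
    """Return a list of policy violations; an empty list means accepted.

    There are deliberately no composition rules (no required digits,
    symbols or mixed case): length and the blocklist are the only gates.
    """
    problems = []

    # Assumption: normalize with NFKC so look-alike input (for example
    # full-width Latin letters) is compared in one canonical form.
    normalized = unicodedata.normalize("NFKC", password)

    # Length is counted in Unicode code points, not bytes, so non-ASCII
    # passwords are not penalised for their encoded size.
    length = len(normalized)
    if length < MIN_LENGTH:
        problems.append("too_short")
    if length > MAX_LENGTH:
        problems.append("too_long")

    # Accept every printable character (ASCII space included); reject
    # control characters such as NUL or a stray newline.
    if not normalized.isprintable():
        problems.append("non_printable_character")

    # Case-insensitive match, so "Password" is caught along with "password".
    if normalized.casefold() in known_bad:
        problems.append("known_bad_password")

    return problems
```

The hard upper bound also keeps an arbitrarily large submission from being fed to a slow password hash on the register page.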