havardt / passwordvalidator Goto Github PK
View Code? Open in Web Editor NEWA .NET standard library for advanced password validation.
License: MIT License
A .NET standard library for advanced password validation.
License: MIT License
A PasswordValidator instantiated with CheckTypes.Basic will not validate any input, because the min and max length of the associated Length validator is 0:
var validator = new PasswordValidator(CheckTypes.Basic);
It is thus necessary to explicitly assign the MinLength and MaxLength properties:
var validator = new PasswordValidator(CheckTypes.Basic);
validator.MinLength = 6;
validator.MaxLength = 128;
It seems that the desired behavior in this scenario would be for the Length validator to use the default min/max length values.
Is your feature request related to a problem? Please describe.
Currently the length check only check if the given password is longer than the minimum length, but often you will also want to set an upper limit.
Describe the solution you'd like
The user should be able to set a maximum password length. The default maximum length should be 128 as described in the OWASP cheat sheet.
Describe the bug
The passwords Aaaa@2022 or aaaA@2012 are passed.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Validate method returns False.
Is your feature request related to a problem? Please describe.
As a user, I would like to see if the entered password is on a common/bad/pwned passwords list.
Describe the solution you'd like
A predefined check that checks up against a solid password list.
Describe alternatives you've considered
Use sorted file to check if entered password exists in the list.
Describe the bug
Password is invalid when no checks have been added.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Validation should default to valid when no checks have been added as there is no check to fail and thus by definition the password is valid.
Describe the solution you'd like
Improved efficiency for predefined checks.
Describe alternatives you've considered
LINQ and manual looping through characters as a substitution for regex.
Additional context
From experience; regex is slow compared to manual looping. Regex provides a fair bit of simplicity altough at a cost of efficiency.
Is your feature request related to a problem? Please describe.
Yes, when a textbox adds leading white space it should not count as password length.
Describe the solution you'd like
Leading and traling white space should be removed when checking length.
For example, is it a good idea to check the "qwer asdf ZxcV" character on the keyboard?
Is your feature request related to a problem? Please describe.
Currently all predefined checks that execute checks on letters do so based on the ISO basic latin alphabet (A-Za-z).
Describe the solution you'd like
Predefined checks should support a wider range of alphabets.
Is your feature request related to a problem? Please describe.
Sometimes you don't need the users password to match all criterias.
Describe the solution you'd like
Developers should be able to set a count or percentage of checks that must pass validation. The default should be that all checks must pass.
Example:
Developer wants all password to match three of the four criterias:
The developer would then provide the password validator object with a count of 3 or a double of 0.75 representing 75%.
Describe alternatives you've considered
Either use an int which sets the required amount of checks to pass or use a double which represnts a % of checks that needs to pass where 0.0 is no checks need to pass and 1.0 represents all checks needing to pass.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.