Menu
I am considering using the following rules for a casual website.
that's all. My question is, beside white space, is there other symbol that I should consider as "illegal"? Please keep in mind that it is a casual website so I don't need any password policy that is very restricted.
Thanks,
293
The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols, no ties to your personal information, and no dictionary words.
Strong passwords are longer than eight characters, are hard to guess and contain a variety of characters, numbers and special symbols. The best ones can be difficult to remember, especially if you're using a distinct login for every site (which is recommended).
A strong password must be at least 8 characters long. It should not contain any of your personal information — specifically, your real name, username or your company name. It must be very unique from your previously used passwords. It should not contain any word spelled completely.
Hopefully you are not storing passwords in your database. You should be storing the hash of the password only.
So, if you are creating a hash out of the password, why have any illegal characters?
You may want to enforce a minimum password length, just for their own protection.
Even if you do restrict characters, why would you consider white space an illegal character? Many users create "pass phrases" to secure their passwords.
130
You should let your users have whatever password they like. Maybe enforce a minimum length, but nothing else. You're sanitizing this before it hits your database anyway, right?
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
