Re: Oddity found in password creation

2020-10-07 Thread Roger Gammans
On Tue, 2020-10-06 at 23:26 -0700, James Bennett wrote: > > Passwords obtained from previous breach corpuses. There even appears to be a 3rd party validator for this. Although it only checks for inclusion, not total number of breaches that password was included in, which might be a useful indicator

Re: Oddity found in password creation

2020-10-06 Thread James Bennett
On Tue, Oct 6, 2020 at 9:07 AM Florian Apolloner wrote: > So, I have been digging a little bit more and it seems there was a conscious > decision to not include an entropy check or character classes: > https://groups.google.com/g/django-developers/c/9GBhgGXmEKs/m/toKKgGhaqewJ -- > But I have to

Re: Oddity found in password creation

2020-10-06 Thread Adam Johnson
I recommend using https://pypi.org/project/pwned-passwords-django/ , which checks against the pwned passwords database and thus all known breached passwords. It's like the common passwords validator on steroids, but you do have to get your user communication right to explain how you know their reus

Re: Oddity found in password creation

2020-10-06 Thread Florian Apolloner
So, I have been digging a little bit more and it seems there was a conscious decision to not include an entropy check or character classes: https://groups.google.com/g/django-developers/c/9GBhgGXmEKs/m/toKKgGhaqewJ -- But I have to admit that this is all I could find and I was rather surprised

Re: Oddity found in password creation

2020-10-06 Thread hcharpent...@gmail.com
I don't know if my thanks were sent - I'm looking for a "solved" button somewhere Anyway, thank you (again?) On Tuesday, October 6, 2020 at 4:30:34 PM UTC+2 f.apo...@gmail.com wrote: > Seem to be expected behaviour (albeit somewhat suboptimal :D). The default > validators are: > https://github.

Re: Oddity found in password creation

2020-10-06 Thread hcharpent...@gmail.com
Oh I see... Thank you! On Tuesday, October 6, 2020 at 4:30:34 PM UTC+2 f.apo...@gmail.com wrote: > Seem to be expected behaviour (albeit somewhat suboptimal :D). The default > validators are: > https://github.com/django/django/blob/999cddd58d30469f3ee85278985313fdf528323d/django/conf/project_te

Re: Oddity found in password creation

2020-10-06 Thread Florian Apolloner
Seem to be expected behaviour (albeit somewhat suboptimal :D). The default validators are: https://github.com/django/django/blob/999cddd58d30469f3ee85278985313fdf528323d/django/conf/project_template/project_name/settings.py-tpl#L87-L100 and from the looks of it / is in the list