Password validation broken

Open Gauntlet173 opened this issue 3 years ago • 2 comments

For some reason, password "monkey24" doesn't work.

Nov 02 '22 18:11 Gauntlet173

I stepped through this code to look at the errors on form validation, and I am seeing the message: "This password is too common"

We're using Django's CommonPasswordValidator for the registration, which checks against a list of ~20K comon password substrings. Did a bit of digging to find the list, and the word "monkey" is indeed on there

Confirmed that a slight variation worked (monkye24) for registration.

We could potentially close this bug, although we may want a separate feature where we provide feedback to the user to inform them of a registration-related error

Jun 14 '24 17:06 reganmeloche

agreed on notifying the user as to why the password failed.

Sep 27 '24 19:09 Gauntlet173