We have one password strength test: to be at least 8 characters long.
I suggest to try a feature in flask-security.
Add this to utils/config_defaults.py:
SECURITY_PASSWORD_CHECK_BREACHED = "best-effort" # will try to check https://api.pwnedpasswords.com
Then, add a new user, and when going to the reset-pwd dialgoue (check mail via mailhog for the link), try a password like "testtest" and see if that is flagged, and how the user sees that.
We have one password strength test: to be at least 8 characters long.
I suggest to try a feature in flask-security.
Add this to
utils/config_defaults.py:SECURITY_PASSWORD_CHECK_BREACHED = "best-effort" # will try to check https://api.pwnedpasswords.comThen, add a new user, and when going to the reset-pwd dialgoue (check mail via mailhog for the link), try a password like "testtest" and see if that is flagged, and how the user sees that.