Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Add password strength option #31
Password complexity requirements around mixing cases has generally proven to lead to less secure passwords and not more - the general suggestion today is to not do that. Instead, what we should do is to check password against a common list of passwords - such as https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10-million-password-list-top-10000.txt - and disallow that.
See https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/ for more information, and a link to the NIST guidelines themselves.