How do you enforce strong passwords?

前端 未结 4 1772
不知归路
不知归路 2021-02-14 23:55

There are many techniques to enforce strong passwords on website:

  • Requesting that passwords pass a regex of varying complexity
  • Setting the password autono
4条回答
  •  栀梦
    栀梦 (楼主)
    2021-02-15 00:36

    It's been my experience that it depends really on the type of site, as you said.

    If you are creating a bank or financial website then users typically understand if you have a more secure password, since their personal data may be at risk.

    However for sites that typically don't contain a lot of personal information a simpler password will be fine. They may be less prone to hack attempts, and wouldn't get anything worthwhile anyway.

    I've also found that most people also seem to have a couple passwords they use often. One being complex, and another being simple. So requesting they use a complex password usually won't keep people from registering.

    I've never found expiring passwords to work successfully. As I said before, many people already have a set couple of passwords they use often, so asking them to go outside of this just for your site may make them not want to come back.

提交回复
热议问题