You have to use a stronger password. |
|
Your password needs to be at least %d characters long. |
|
Your password needs to use characters from at least %d of the following types: %s. |
|
Your password may not contain your username. |
|
Your password may only use %d or less consecutive characters that appear in your username. |
|
Your password may not be one of the 10,000 most commonly used passwords. |
|
Your password may not have been used in any known password leak. |
|
A confirmation mail was sent to the given user, if the account exists. |
|
very weak |
|
weak |
|
decent |
|
strong |
|
, policy not met |
|
Mimimal length for user passwords |
|
Character types to use in passwords |
|
Minimal number of different character types that have to be used in passwords. May not be higher than the number of selected types above |
|
Check if password matches against the user's name. 0 to disable. 1 for exact matches. Any other number for the number of consecutive characters that may be contained in both password and username |
|
Check password against a list of the 10,000 most common passwords. |
|
Check password against the haveibeenpwned.com passwords API (using k-anonymity) to avoid passwords that have been leaked before. |
|
How to generate passwords? |
|
Minimal number of bits of information to generate passwords. The higher, the more secure but harder to remember. Minimum: 24. |
|
The reset password mechanism usually tells if the given user account exists or not. This supresses all hints on that. |
|
random password |
|
pronouncable password |
|
multi word pass phrase |
|
lower case letters |
|
upper case letters |
|
numbers |
|
special chars (eg. !, $, #, %) |
|