| You have to use a stronger password. |
|
| Your password needs to be at least %d characters long. |
|
| Your password needs to use characters from at least %d of the following types: %s. |
|
| Your password may not contain your username. |
|
| Your password may only use %d or less consecutive characters that appear in your username. |
|
| Your password may not be one of the 10,000 most commonly used passwords. |
|
| Your password may not have been used in any known password leak. |
|
| A confirmation mail was sent to the given user, if the account exists. |
|
| very weak |
|
| weak |
|
| decent |
|
| strong |
|
| , policy not met |
|
| Mimimal length for user passwords |
|
| Character types to use in passwords |
|
| Minimal number of different character types that have to be used in passwords. May not be higher than the number of selected types above |
|
| Check if password matches against the user's name. 0 to disable. 1 for exact matches. Any other number for the number of consecutive characters that may be contained in both password and username |
|
| Check password against a list of the 10,000 most common passwords. |
|
| Check password against the haveibeenpwned.com passwords API (using k-anonymity) to avoid passwords that have been leaked before. |
|
| How to generate passwords? |
|
| Minimal number of bits of information to generate passwords. The higher, the more secure but harder to remember. Minimum: 24. |
|
| The reset password mechanism usually tells if the given user account exists or not. This supresses all hints on that. |
|
| random password |
|
| pronouncable password |
|
| multi word pass phrase |
|
| lower case letters |
|
| upper case letters |
|
| numbers |
|
| special chars (eg. !, $, #, %) |
|