Ghost

Go to file

Aileen Nowak 8f2dc2ff02 Match client-side password validation to new server-side rules (#899 ) refs TryGhost/Ghost#9150 - added a new validator for password validations that will take care of the rules client side - Passwort rules added: - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm - Disallow passwords that contain the words "password" or "ghost" - Disallow passwords that match the user's email address - Disallow passwords that match the blog domain or blog title - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example. - When changing the own password, the old password is not affected by the new validations - Validation are running on - setup - signup - password change in Team - User (only new passwords are validated) - passwort reset	2017-10-26 11:02:17 +01:00
ghost/admin	Match client-side password validation to new server-side rules (#899 )	2017-10-26 11:02:17 +01:00

Aileen Nowak 8f2dc2ff02 Match client-side password validation to new server-side rules (#899 )

refs TryGhost/Ghost#9150

- added a new validator for password validations that will take care of the rules client side
- Passwort rules added:
   - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm
   - Disallow passwords that contain the words "password" or "ghost"
   - Disallow passwords that match the user's email address
   - Disallow passwords that match the blog domain or blog title
   - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- When changing the own password, the old password is not affected by the new validations
- Validation are running on
   - setup
   - signup
   - password change in Team - User (only new passwords are validated)
   - passwort reset

2017-10-26 11:02:17 +01:00

ghost/admin

Match client-side password validation to new server-side rules (#899 )

2017-10-26 11:02:17 +01:00