Skip to content
  • Home
  • Categories
  • Recent
  • Popular
  • World
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
v3.10.3 Latest
Buy Hosting
  1. Home
  2. Technical Support
  3. Minimum Password Strength

Minimum Password Strength

Scheduled Pinned Locked Moved Technical Support
2 Posts 2 Posters 336 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Erik ViklanderE Offline
    Erik ViklanderE Offline
    Erik Viklander
    wrote on last edited by
    #1

    Hi,

    What is the difference between the different options for "Minimum Password Strength" in the admin section? How does it affect the end users choice of password?

    e.g

    • very guessable
    • somewhat guessable
    • safely unguessable
    • very unguessable

    I hope this is not a duplicate topic, I have search but could not find anything about this matter.

    PitaJP 1 Reply Last reply
    0
    • PitaJP Offline
      PitaJP Offline
      PitaJ Global Moderator Plugin & Theme Dev
      replied to Erik Viklander on last edited by
      #2

      @erik-viklander these are directly from the password strength calculation library zxcvbn which NodeBB uses to enforce password strength.

      result.score      # Integer from 0-4 (useful for implementing a strength bar)

  0 # too guessable: risky password. (guesses < 10^3)

  1 # very guessable: protection from throttled online attacks. (guesses < 10^6)

  2 # somewhat guessable: protection from unthrottled online attacks. (guesses < 10^8)

  3 # safely unguessable: moderate protection from offline slow-hash scenario. (guesses < 10^10)

  4 # very unguessable: strong protection from offline slow-hash scenario. (guesses >= 10^10)
      1 Reply Last reply
      0

      Copyright © 2024 NodeBB | Contributors
      • Login
      • Don't have an account? Register
      • Login or register to search.
      Powered by NodeBB Contributors
      • First post
        Last post
      0
      • Home
      • Categories
      • Recent
      • Popular
      • World
      • Top
      • Tags
      • Users
      • Groups
      • Documentation
        • Home
        • Read API
        • Write API
        • Plugin Development