You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I suggest to complement the password policy with a password strength estimator like zxcvbn.
Motivation
Consider using zxcvbn as an algorithmic alternative to password composition policy — it is more secure, flexible, and usable when sites require a minimal complexity score in place of annoying rules like "passwords must contain three of {lower, upper, numbers, symbols}".
There is a php port that should be relatively easy to be used for the Mailcow password policy. Disadvantages are that the repository includes only a bit outdated, English language dictionaries. zxcvbn-ts appears to be the most up-to-date, state of the art fork that supports multiple languages, but it's written in typescript, I'm not sure how easy that would be to insert into Mailcow.
The text was updated successfully, but these errors were encountered:
Summary
I suggest to complement the password policy with a password strength estimator like zxcvbn.
Motivation
https://github.com/dropbox/zxcvbn
Additional context
There is a php port that should be relatively easy to be used for the Mailcow password policy. Disadvantages are that the repository includes only a bit outdated, English language dictionaries.
zxcvbn-ts appears to be the most up-to-date, state of the art fork that supports multiple languages, but it's written in typescript, I'm not sure how easy that would be to insert into Mailcow.
The text was updated successfully, but these errors were encountered: