Hey everyone,
I’ve started on a new MVC5 project and came across the following error message while trying to register a new user:
Passwords must have at least one non letter or digit character.
Passwords must have at least one digit (‘0’-‘9’).
Passwords must have at least one uppercase (‘A’-‘Z’)
Passwords must have at least one digit (‘0’-‘9’).
Passwords must have at least one uppercase (‘A’-‘Z’)
While having a secure password is obviously important, I felt that most users would probably find these requirements a little extreme. After a bit of Googling I came across a StackOverflow post that mentioned a config class that you can use to edit these settings:
// App_Start > IdentityConfig.cs
...
// Configure validation logic for usernames
manager.UserValidator = new UserValidator(manager)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = true
};
// Configure validation logic for passwords
manager.PasswordValidator = new PasswordValidator
{
RequiredLength = 6,
RequireNonLetterOrDigit = true,
RequireDigit = true,
RequireLowercase = true,
RequireUppercase = true,
};
...
What I Broke - Programming and Web Development 
thank you ! stupid MS for using these settings as default and there’s so many places to set password restrictions, I couldn’t find it until I found your post. thanks again.
LikeLike
Thanks for the info.
It seems like the StringLength attribute of property Identity.Models.RegisterViewModel.Password (in ModelsAccountViewModels.cs) overlaps the RequiredLength mentioned above, enforcing a MinimumLength:
[StringLength(100, ErrorMessage = “The {0} must be at least {2} characters long.”, MinimumLength = 6)].
So if you want to influence the password length (i.e. decrease to 5) you might have to modify both.
I found a Q&A on SO that connected the dots for me: http://stackoverflow.com/questions/20953371/asp-net-identity-require-strong-passwords#comment40701479_25055885
LikeLike
thanks for the info
LikeLike