Hey everyone,
I’ve started on a new MVC5 project and came across the following error message while trying to register a new user:
Passwords must have at least one non letter or digit character.
Passwords must have at least one digit (‘0’-‘9’).
Passwords must have at least one uppercase (‘A’-‘Z’)
Passwords must have at least one digit (‘0’-‘9’).
Passwords must have at least one uppercase (‘A’-‘Z’)
While having a secure password is obviously important, I felt that most users would probably find these requirements a little extreme. After a bit of Googling I came across a StackOverflow post that mentioned a config class that you can use to edit these settings:
// App_Start > IdentityConfig.cs ... // Configure validation logic for usernames manager.UserValidator = new UserValidator(manager) { AllowOnlyAlphanumericUserNames = false, RequireUniqueEmail = true }; // Configure validation logic for passwords manager.PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = true, RequireDigit = true, RequireLowercase = true, RequireUppercase = true, }; ...
thank you ! stupid MS for using these settings as default and there’s so many places to set password restrictions, I couldn’t find it until I found your post. thanks again.
LikeLike
Thanks for the info.
It seems like the StringLength attribute of property Identity.Models.RegisterViewModel.Password (in ModelsAccountViewModels.cs) overlaps the RequiredLength mentioned above, enforcing a MinimumLength:
[StringLength(100, ErrorMessage = “The {0} must be at least {2} characters long.”, MinimumLength = 6)].
So if you want to influence the password length (i.e. decrease to 5) you might have to modify both.
I found a Q&A on SO that connected the dots for me: http://stackoverflow.com/questions/20953371/asp-net-identity-require-strong-passwords#comment40701479_25055885
LikeLike
thanks for the info
LikeLike