Password requirements are insecure

[n1trux]

Currently the password policy is 8 characters, at least one number and at least one uppercase character. This makes Password1 a secure password in sqstorage's opinion.

I think the following would be more secure:

• at least 11 characters
• at least two of the following categories:
  • lowercase characters
  • uppercase characters
  • special characters
  • emoji
  • numbers

This would make CorrectHorseBatteryStaple a secure password, like it should be.

Fun aside: there's zxcvbn, which is a pretty good library for this use case.

[n1trux]

some german wordlists/inspiration can be found here: https://github.com/qutorial/zxcvbn

other wordlists: https://github.com/gmelodie/awesome-wordlists