What does it take to create a strong password?

Lisa Sy ・1 min read

At Forem, you might have seen some recent updates to our sign-in flow.

We're working to empower communities to provide whichever authentication methods best serve their needs, whether that is social authentication (Twitter, Google, Facebook, etc.) and/or email and password. We've typically leaned towards encouraging people to sign up using social authentication because 1) that doesn't require storing passwords on our end and 2) we think that requiring social auth prevents spam and harassers from proliferating on our platform. But it's not enough just to provide social OAuth as an option: some communities and people want to sign up with a good ole email and password.

How do we build out email/password authentication while ensuring that we mitigate as much spam & harassment as possible? Ideally, we'd want to create and store their passwords with a password manager. But in the more common case where people don't want to use a password manager, how can we nudge them to create secure passwords? Here's where this idea comes in:

A contextual password helper

📹 Watch the video recording here

Questions:

  • What is your general feedback on the video you see?
  • We're thinking that a 10-character minimum is ideal. What are your thoughts here?
  • Should requiring numbers, lowercase and uppercase characters, and symbols be part of our requirements?

Discussion

I like the idea of guard rails and maybe enforcing the length. Sometimes I feel, for non-tech-savvy people, the numbers, digits, symbols can be a frustration. On another note, how do you do those fabulous Forem mockups?