Reputation: 305
In my application, my password validation is only as follows:
validates :password, :password_confirmation, presence: true
What am I supposed to do if I want my password to be more secure e.g., I want one capital and one or two special characters also to be in my password.
Thanks in advance.
Upvotes: 1
Views: 1277
Reputation: 108089
There are several gems which validate passwords for strength. Some check the password against arbitrary rules (mixed case, must have a digit, etc.). Such rules are a proxy for entropy. The strong_password gem attempts to check more directly that the password has enough entropy.
It is preferable, when possible, to check entropy rather than rules such as mixed case, because many very good passwords that have a great deal of entropy will fail when checked against naive rules.
The strong_password gem is just one of many that check password strength. I have not used it myself. There's bound to be one that meets your needs.
Upvotes: 2
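To illustrate the answer's point about rules versus entropy, here is an added example; it is not code from the answer or from the strong_password gem. The estimator is a deliberately simple stand-in, and the word list, sample passwords and 40-bit threshold are assumptions made for the illustration.

```ruby
# Added illustration: naive composition rules vs. a rough entropy estimate.
# The estimator is a simplified stand-in, NOT the strong_password gem's algorithm.

COMMON_WORDS = %w[password qwerty letmein welcome admin].freeze # constructed sample list
MIN_BITS = 40 # assumed threshold for this example

# The rule set from the question: mixed case, a digit and a special character.
def passes_naive_rules?(pw)
  pw.length >= 8 &&
    pw.match?(/[A-Z]/) && pw.match?(/[a-z]/) &&
    pw.match?(/\d/) && pw.match?(/[^A-Za-z0-9]/)
end

# Size of the character pool the password draws from (printable ASCII classes).
def pool_size(pw)
  size = 0
  size += 26 if pw.match?(/[a-z]/)
  size += 26 if pw.match?(/[A-Z]/)
  size += 10 if pw.match?(/\d/)
  size += 33 if pw.match?(/[^A-Za-z0-9]/)
  size
end

# Rough upper bound in bits: effective length * log2(pool size).
# A common word counts as one symbol; a run of one repeated character counts once.
def estimated_bits(pw)
  return 0.0 if pw.empty?
  reduced = pw.downcase
  COMMON_WORDS.each { |w| reduced = reduced.gsub(w, "*") }
  reduced = reduced.squeeze
  reduced.length * Math.log2(pool_size(pw))
end

def passes_entropy_check?(pw)
  estimated_bits(pw) >= MIN_BITS
end

# Constructed sample passwords.
SAMPLES = ["Password1!", "Aaaaaaa1!", "gravel otter maple window tin"].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |pw|
    puts format("%-32s rules=%-5s bits=%6.1f entropy_ok=%s",
                pw.inspect, passes_naive_rules?(pw), estimated_bits(pw), passes_entropy_check?(pw))
  end
end
```

The first two samples satisfy every composition rule yet score under 20 bits, while the lowercase passphrase fails the rules and clears the threshold easily. In a Rails model, a check like `passes_entropy_check?` could be called from a custom `validate` method alongside the existing presence validation.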