
Password Improvements

Prevent using Weak Passwords

  • The zxcvbn library measures password strength as a score, checking the password against common English words and common patterns and sequences; the rule base can also be extended with custom dictionaries
  • Measure the strength of each user's password and reject any password whose score is below the allowed minimum (e.g. reject scores below 3 out of 5)

Prevent using Leaked Passwords

  • HaveIBeenPwned lets you search across multiple data breaches to see whether your email address or phone number has been compromised
  • It also offers a REST API
  • It has a database of leaked passwords and a secure way to compare passwords against it using hashing techniques
  • Tip: Spring Security provides the HaveIBeenPwnedRestApiPasswordChecker API, which helps an application connect securely to the HaveIBeenPwned service
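
The hashed comparison mentioned above can be done as a range lookup: the application sends only the first 5 hex characters of the password's SHA-1 and matches the remainder locally. The sketch below is an added example, not code from this page or from Spring Security; `fake_range_api` and `CONSTRUCTED_CORPUS` are constructed stand-ins for the remote service so the exchange runs offline.

```python
import hashlib
from typing import Callable

# Constructed stand-in for the breach corpus (password -> times seen).
# The zero-count entry models a padding row, which is not a real breach hit.
CONSTRUCTED_CORPUS = {"password": 12345, "letmein": 678, "padded-sample": 0}


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1, the form used for range lookups."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def fake_range_api(prefix: str) -> str:
    """Simulated server: returns 'SUFFIX:COUNT' lines for a 5-char prefix."""
    if len(prefix) != 5:
        raise ValueError("range query takes exactly 5 hex characters")
    hashes = ((sha1_hex(p), n) for p, n in CONSTRUCTED_CORPUS.items())
    return "\r\n".join(f"{h[5:]}:{n}" for h, n in hashes if h.startswith(prefix))


def breach_count(password: str,
                 fetch_range: Callable[[str], str] = fake_range_api) -> int:
    """Return how often the password appears in the corpus (0 = not found)."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    body = fetch_range(prefix)  # only these 5 characters leave the application
    for line in body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:  # suffix comparison happens locally
            return int(count) if count.isdigit() else 0
    return 0


def is_acceptable(password: str) -> bool:
    """Policy hook: reject any password with a non-zero breach count."""
    return breach_count(password) == 0


if __name__ == "__main__":
    for pw in ("password", "padded-sample", "x9!Lq-constructed-unseen"):
        print(pw, "->", "ok" if is_acceptable(pw) else "rejected")
```

In a real deployment, `fetch_range` would be replaced by an HTTPS call to the service, and `is_acceptable` would run alongside the strength-score check at registration and password change.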