Cloud Login Password Length

So, I’m working on an Android app, and wanted to do basic password checking in the login form, so I thought I’d see what the Spark Cloud allows, via experimentation. It seems that it will even allow passwords of only one character!? That seems like a bit of a security risk if you ask me. Could at least some basic length checking be implemented? For reference, there is now an account with user/pass asdf@asdf.com/a :smiley: Feel free to use/ delete that account…

@jgoggins, @Dave, could either of you chime in on this?

Hey All,

Good question! We kept the requirements very minimal at the start, but as people use their accounts more and more, I agree that it’s a good idea to enforce some minimal length. We do have an internal issue open for minimum password length, but I’d also like to add 2-factor auth before too long, and some other fun security features. I’ll open some internal issues for these so they don’t get lost.

Thanks!
David

2 Likes