validate-password
Advanced tools
JS password validation for the client and the server.
Enforce stronger passwords for users by checking for uppercase/lowercase letters, numbers, and special characters.
You can also check passwords for certain strings. This is ideal for preventing users from entering their name or email in the password. Or, you can search the password for common words, to further encourage the user to pick a strong password.
Install via NPM:
npm install validate-password
##Usage
This can be used as a stand alone package:
<script src="node_modules/validate-password/dist/validate-password.min.js"></script>
or as a CommonJS module:
var ValidatePassword = require('validate-password');
Start by instantiating the password validator:
var validator = new ValidatePassword();
...And use the .checkPassword() method to validate the password.
.checkPassword() accepts two arguments - first, the password as a string:
var passwordData = validator.checkPassword('aaaaa');
console.log(passwordData.isValid); // false
console.log(passwordData.validationMessage); // 'The password must contain at least one uppercase letter'
And, optionally, an array of strings that are not allowed to be in the password:
var checkPasswordForName = validator.checkPassword('cat123aaBa$%^#$%#$%', ['cat123']);
console.log(passwordData.isValid); // false
console.log(passwordData.validationMessage); // 'The password cannot contain cat123'
See the examples directory for more detailed use cases...
##Options
By default, the validator checks for uppercase/lowercase letters, numbers, and special characters.
You can also pass in custom configuration options when instantiating the validator, to loosen these default rules:
var options = {
enforce: {
lowercase: true,
uppercase: true,
specialCharacters: false,
numbers: true
}
};
var validator = new ValidatePassword(options);
The validator will now not check the password for special characters...
We would love for you to contribute to validate-password, check the LICENSE file for more info.
Mike DeWitt – http://devdewitt.com/
Distributed under the MIT license. See LICENSE for more information.
FAQs
Strengthen your user's passwords
We found that validate-password demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."