validate-password
Advanced tools
JS password validation for the client and the server.
Enforce stronger passwords for users by checking for uppercase/lowercase letters, numbers, and special characters.
You can also check passwords for certain strings. This is ideal for preventing users from entering their name or email in the password. Or, you can search the password for common words, to further encourage the user to pick a strong password.
Install via NPM:
npm install validate-password
##Usage
This can be used as a stand alone package:
<script src="node_modules/validate-password/dist/validate-password.min.js"></script>
or as a CommonJS module:
var ValidatePassword = require('validate-password');
Start by instantiating the password validator:
var validator = new ValidatePassword();
...And use the .checkPassword() method to validate the password.
.checkPassword() accepts two arguments - first, the password as a string:
var passwordData = validator.checkPassword('aaaaa');
console.log(passwordData.isValid); // false
console.log(passwordData.validationMessage); // 'The password must contain at least one uppercase letter'
And, optionally, an array of strings that are not allowed to be in the password:
var checkPasswordForName = validator.checkPassword('cat123aaBa$%^#$%#$%', ['cat123']);
console.log(passwordData.isValid); // false
console.log(passwordData.validationMessage); // 'The password cannot contain cat123'
See the examples directory for more detailed use cases...
##Options
By default, the validator checks for uppercase/lowercase letters, numbers, and special characters.
You can also pass in custom configuration options when instantiating the validator, to loosen these default rules:
var options = {
enforce: {
lowercase: true,
uppercase: true,
specialCharacters: false,
numbers: true
}
};
var validator = new ValidatePassword(options);
The validator will now not check the password for special characters...
We would love for you to contribute to validate-password, check the LICENSE file for more info.
Mike DeWitt – http://devdewitt.com/
Distributed under the MIT license. See LICENSE for more information.
FAQs
Strengthen your user's passwords
We found that validate-password demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.
Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.