Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandyaย - ย Jun 06, 2025
๐ Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more โ
advanced-password-validator
Advanced tools
advanced-password-validator
A dynamic password validation system with preconfigured modes and rule-based design
- Maintainers
- 1
๐ Advanced Password Validator
A dynamic, rule-based password validation system for Python. Supports configurable validation rules and pre-set security modes to suit different application needs.
๐ Features
- โ Rule-based architecture โ plug & play validation rules
- ๐ Preconfigured modes:
lenient,moderate,strict - ๐ Supports: min/max length, symbols, blacklist, common password checks, etc.
- ๐ Compare passwords to a list of over 30000 already-registered passwords for added security
- ๐งช Designed for unit testing & integration
๐ฆ Installation
pip install advanced_password_validator
poetry add advanced_password_validator
๐ Code Usage:
An overview of a common coding example utilizing the advanced_password_validator to validate a password using customizable rules
from advanced_password_validator import PasswordValidator, Mode
# Instantiate a validator object:
validator = PasswordValidator(
min_length = 8, # Integer / Defaults to None
max_length = 65, # Integer / Defaults to None
require_uppercase = True, # Boolean / Defaults to False
require_numbers = True, # Boolean / Defaults to False
require_symbols = True, # Boolean / Defaults to False
no_spaces = True, # Boolean / Defaults to False
must_include_char = None, # String / Defaults to None
no_repeating_chars = 5, # Integer / Defaults to None
blacklisted_pattern = False, # Boolean / Defaults to False
not_common = False, # Boolean / Defaults to False
mode = None # Mode (Enum) / Defaults to None
)
# validate against password strings:
password_valid1 = validator.validate("ThisIsSuperValid123+")[0]
password_valid2 = validator.validate("nouppercase123+")[0]
password_valid3 = validator.validate("NoNumbers++")[0]
print(password_valid1) # <= Returns True
print(password_valid2) # <= Returns False
print(password_valid3) # <= Returns False
0๏ธโฃ Return Type
The validate method returns a tuple: (bool, list)
- [0] = a boolean value determining if the password passed the validation
- [1] = a list of errors based on what Rules the password didn't pass (the list will be empty if validation passes)
๐ Rules Overview:
A rudimentary overview of the rules that can enabled for custom validation
| Rules | Description |
|---|---|
| min_length | Specifies the minimum length required for the password (Integer) |
| max_length | Specifies the maximum length possible for the password (Integer) |
| require_uppercase | Specifies if the password must include at least 1 uppercase letter (Boolean) |
| require_numbers | Specifies if the password must include at least 1 digit (Boolean) |
| require_symbols | Specifies if the password must include at least 1 special character (Boolean) |
| no_spaces | Specifies if the password can include spaces (Boolean) |
| must_include_char | Specifies one of more required characters in the password (String) |
| no_repeating_chars | Specifies how many sequentially, repeating characters can be included in the password (Integer) |
| blacklisted_pattern | Specifies whether to check the password against a list of blacklisted patterns (Boolean) |
| not_common | Specifies whether to check the password against a list of commonly used passwords (Boolean) |
| mode | Specifies whether to use one of the 3 preconfigured modes (Mode) |
๐ค Preconfigured Modes:
The advanced password validator package supports 3 preconfigured validator modes:
- Lenient
- Moderate
- Strict Each of these individual modes come preconfigured with different values, and are meant to be utilised for quick out-of-the-box solutions.
from advanced_password_validator import PasswordValidator, Mode
validator = PasswordValidator(
mode=Mode.lenient
)
# The mode param takes in a Mode-object (Enum) - Mode.lenient, Mode.moderate, Mode.strict
Lenient
- min_length = 8
- max_length = 65
Moderate
- min_length = 8
- max_length = 65
- require_uppercase = True
- require_numbers = True
- no_spaces = True
- no_repeating_chars = 4
Strict
- min_length = 12
- max_length = 65
- require_uppercase = True
- require_numbers = True
- require_symbols = True
- no_spaces = True
- no_repeating_chars = 3
- blacklisted_pattern = True
- not_common = True
๐ License Details:
This project is licensed under the MIT License โ see the LICENSE section for further details.
Keywords
FAQs
A dynamic password validation system with preconfigured modes and rule-based design
We found that advanced-password-validator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.ย It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norrisย - ย Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandyaย - ย Jun 05, 2025