Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

django-password-validators

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

django-password-validators

Additional libraries for validating passwords in Django.

  • 1.7.3
  • PyPI
  • Socket score
Maintainers
1

========================== Django Password Validators

.. image:: https://github.com/fizista/django-password-validators/actions/workflows/ci.yml/badge.svg?branch=master :target: https://github.com/fizista/django-password-validators/actions/workflows/ci.yml?query=branch%3Amaster :alt: CI status

Additional libraries for validating passwords in Django 3.2 or later.

The application works well under python 4.x and 3.x versions.

Django version after the number 1.9, allows you to configure password validation. Configuration validation is placed under the variable AUTH_PASSWORD_VALIDATORS_.

Installation

Just install django-password-validators via pip::

$ pip install django-password-validators

Validators

UniquePasswordsValidator

Validator checks if the password was once used by a particular user. If the password is used, then an exception is thrown, of course.

For each user, all the passwords are stored in a database. All passwords are strongly encrypted.

Configuration...

In the file settings.py we add ::

INSTALLED_APPS = [
    ...
    'django_password_validators',
    'django_password_validators.password_history',
    ...
]

AUTH_PASSWORD_VALIDATORS = [ ... { 'NAME': 'django_password_validators.password_history.password_validation.UniquePasswordsValidator', 'OPTIONS': { # How many recently entered passwords matter. # Passwords out of range are deleted. # Default: 0 - All passwords entered by the user. All password hashes are stored. 'last_passwords': 5 # Only the last 5 passwords entered by the user } }, ... ]

If you want, you can change the default hasher for the password history.

DPV_DEFAULT_HISTORY_HASHER = 'django_password_validators.password_history.hashers.HistoryHasher'

And run ::

python manage.py migrate

PasswordCharacterValidator

The validator checks for the minimum number of characters of a given type.

In the file settings.py we add ::

INSTALLED_APPS = [
    ...
    'django_password_validators',
    ...
]

AUTH_PASSWORD_VALIDATORS = [ ... { 'NAME': 'django_password_validators.password_character_requirements.password_validation.PasswordCharacterValidator', 'OPTIONS': { 'min_length_digit': 1, 'min_length_alpha': 2, 'min_length_special': 3, 'min_length_lower': 4, 'min_length_upper': 5, 'special_characters': "~!@#$%^&*()_+{}":;'[]" } }, ... ]

.. _AUTH_PASSWORD_VALIDATORS: https://docs.djangoproject.com/en/4.1/ref/settings/#std-setting-AUTH_PASSWORD_VALIDATORS

Keywords

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Fluent Assertions Faces Backlash After Abandoning Open Source Licensing

Security News

Fluent Assertions Faces Backlash After Abandoning Open Source Licensing

Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.

By Sarah Gooding  -  Jan 18, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc