undefined | Better HN

Better HN

Top Best Ask Show New Jobs

0 pointsunderlines7y ago0 comments

Define normal :) i now own the user " " with the password " " you might add trimming special characters and whitespace.

0 pointsunderlines7y ago0 comments

Define normal :) i now own the user " " with the password " " you might add trimming special characters and whitespace.

0 comments

5 comments · 1 top-level

thegurus7y ago· 4 in thread

hahaha you're right! we've just setup the ^[a-zA-Z0-9_.-]+$ regex for both username and password. Thanks for the pen-testing

bonyt7y ago

Not sure this is ideal either, it rejected the first password my password manager generated. Password should probably just be anything other than all whitespace, no? Maybe a length requirement.

tomsmeding7y ago

Do you really want that regex for passwords also? Am I not allowed to put interesting characters in my password?

thegurus7y ago

Sorry guys, do you like ^[A-Za-z0-9@#$%^&+=]+$ for your passwords?

BlackLotus897y ago

You should not regex check your passwords at all. Just check !="" and maybe check the length There is no reason why you should limit symbols for passwords.

1 more reply

j / k navigate · click thread line to collapse