Security: Add password complexity requirements #16

New Issue

Open

opened 2026-02-17 16:49:29 +00:00 by santhoshj · 0 comments

santhoshj commented 2026-02-17 16:49:29 +00:00

Owner

Copy Link

Summary

Password validation only requires minimum 8 characters. No complexity requirements.

Location

• backend/app/Http/Controllers/Api/V1/AuthController.php:39

Acceptance Criteria

• Require uppercase, lowercase, number, special character
• Minimum 12 characters
• Check against common password list

Related

• Security review finding

## Summary Password validation only requires minimum 8 characters. No complexity requirements. ## Location - `backend/app/Http/Controllers/Api/V1/AuthController.php:39` ## Acceptance Criteria - [ ] Require uppercase, lowercase, number, special character - [ ] Minimum 12 characters - [ ] Check against common password list ## Related - Security review finding

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

tdd-headroom

No results found.

Labels

Clear labels

tdd-documentation

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

vj santhoshj

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: santhoshj/headroom#16