设置最低密码长度Firebase电子邮件&密码认证 [英] Set Minimum Password Length Firebase Email & Password Authentication

问题描述

使用Firebase的电子邮件时，密码设置密码似乎没有安全限制.

When using Firebase's Email & Password setting it seems like there are no security constraints on the password.

例如，我可以创建以下用户:

For example I could create the following user:

firebaseRef.createUser(
{
    email: "john.doe@example.org",
    password: "j"
});

我想至少设置一个最小密码长度. Firebase是否提供执行此操作的方法?

I'd like to at least set a minimum password length. Does firebase provide a way to do this?

推荐答案

当前无法配置Firebase电子邮件和密码身份验证的最小密码长度或强度.

There is currently no way to configure a minimum password length or strength for Firebase email+password Authentication.

您可以在应用程序中内置这样的限制，但是精通技术的用户可以通过调用API来绕过该限制.或者，您可以引入"isPasswordApproved"标志，只有服务器端进程可以设置该标志，然后在此处验证密码强度.但这些听起来都不是很吸引人.

You could build such a restriction into your app, but tech-savvy users can bypass that by calling the API. Or you could introduce a "isPasswordApproved" flag that only a server-side process can set, and then validate the password strength there. But neither of these sound very appealing.

这篇关于设置最低密码长度Firebase电子邮件&密码认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！