设置最小密码长度 Firebase 电子邮件 &密码认证 [英] Set Minimum Password Length Firebase Email & Password Authentication
问题描述
使用 Firebase 的电子邮件时密码设置似乎对密码没有安全限制.
When using Firebase's Email & Password setting it seems like there are no security constraints on the password.
例如我可以创建以下用户:
For example I could create the following user:
firebaseRef.createUser(
{
email: "john.doe@example.org",
password: "j"
});
我想至少设置一个最小密码长度.firebase 是否提供了一种方法来做到这一点?
I'd like to at least set a minimum password length. Does firebase provide a way to do this?
推荐答案
目前无法为 Firebase 电子邮件+密码身份验证配置最小密码长度或强度.
There is currently no way to configure a minimum password length or strength for Firebase email+password Authentication.
您可以在您的应用中建立这样的限制,但精通技术的用户可以通过调用 API 来绕过它.或者您可以引入一个只有服务器端进程可以设置的isPasswordApproved"标志,然后在那里验证密码强度.但这些听起来都不是很吸引人.
You could build such a restriction into your app, but tech-savvy users can bypass that by calling the API. Or you could introduce a "isPasswordApproved" flag that only a server-side process can set, and then validate the password strength there. But neither of these sound very appealing.
这篇关于设置最小密码长度 Firebase 电子邮件 &密码认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!