设置最小密码长度 Firebase 电子邮件 &密码认证 [英] Set Minimum Password Length Firebase Email & Password Authentication

问题描述

使用 Firebase 的电子邮件时密码设置似乎对密码没有安全限制.

When using Firebase's Email & Password setting it seems like there are no security constraints on the password.

例如我可以创建以下用户:

For example I could create the following user:

firebaseRef.createUser(
{
    email: "john.doe@example.org",
    password: "j"
});

我想至少设置一个最小密码长度.firebase 是否提供了一种方法来做到这一点?

I'd like to at least set a minimum password length. Does firebase provide a way to do this?

推荐答案

目前无法为 Firebase 电子邮件+密码身份验证配置最小密码长度或强度.

There is currently no way to configure a minimum password length or strength for Firebase email+password Authentication.

您可以在您的应用中建立这样的限制，但精通技术的用户可以通过调用 API 来绕过它.或者您可以引入一个只有服务器端进程可以设置的isPasswordApproved"标志，然后在那里验证密码强度.但这些听起来都不是很吸引人.

You could build such a restriction into your app, but tech-savvy users can bypass that by calling the API. Or you could introduce a "isPasswordApproved" flag that only a server-side process can set, and then validate the password strength there. But neither of these sound very appealing.

这篇关于设置最小密码长度 Firebase 电子邮件 &密码认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！