I need to get rid of the password constraints in the default django password register system so that a user doesn't need to have the password be eight characters or the password can't be too similar to the username, and be able to add my own password constraints such as a strength detector.
Asked
Active
Viewed 795 times
1 Answers
3
The setting AUTH_PASSWORD_VALIDATORS is a list of validators/constraints that a user's password must pass. If you use startproject these will be set to include both constraints you mention. You can remove them from the setting
For example, this is what the setting looks like from a fresh project started using startproject using the latest version of Django
AUTH_PASSWORD_VALIDATORS = [
{ # This validates against the username
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{ # This validates the length
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
Iain Shelvington
- 31,030
- 3
- 31
- 50
-
Thanks, but I was also wondering while creating a registration form, how do I specify what field needs to be filled out when giving an error in django. Right now the error is just "this field is required," but how do I change this field into the actual field like password, or username or something. – Bob Stone Sep 11 '19 at 23:27
-
Yes, I want it to be specified like password is required or username is required, instead of this field is required – Bob Stone Sep 11 '19 at 23:29
-
That's a little more complex, you would have to override the registration form and add these messages there https://stackoverflow.com/questions/1481771/django-override-default-form-error-messages – Iain Shelvington Sep 11 '19 at 23:43