ASP.NET Core how to block specific passwords

Asked Sep 16 '22 at 07:32

Active Sep 16 '22 at 07:34

Viewed 37 times

I have the following code I modified from the original ASP.NET Core project template

builder.Services.AddDefaultIdentity<IdentityUser>(
        options =>
        {
            options.Password.RequireDigit = true;
            options.Password.RequiredLength = 8;
            options.Password.RequireNonAlphanumeric = false;
            options.Password.RequireLowercase = true;
            options.Password.RequireUppercase = true;
        }
    )
    .AddEntityFrameworkStores<ApplicationDbContext>();

But how do I make ASP.NET Core return an error for specific passwords?

Let's say I have an array of banned passwords like this:

var bannedPasswords = new[] {"password", "qwertyuiop", "12345678"};

edited Sep 16 '22 at 07:34

marc_s

732,580
175
1,330
1,459

asked Sep 16 '22 at 07:32

Alizer

https://stackoverflow.com/a/61913072/529282 – Martheen Sep 16 '22 at 07:37
https://www.sjoerdlangkemper.nl/2017/01/12/checking-passwords-against-a-dictionary-in-asp-net-mvc/ – D A Sep 16 '22 at 07:39
You can try to use [`IPasswordValidator`](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.identity.passwordvalidator-1?view=aspnetcore-6.0) to custom your own password validator – Xinran Shen Sep 16 '22 at 07:47

ASP.NET Core how to block specific passwords

0 Answers0