[SG-1022] Update min password requirements to 12 char (#4690)

* fix: change to 10 * work: 12! * Update register.component.ts * fix: whoops, missed a few * fix: can't believe i missed this. --------- Co-authored-by: Jared Snider <116684653+JaredSnider-Bitwarden@users.noreply.github.com>
2024-09-27 04:03:00 +02:00 · 2023-02-16 13:15:47 -05:00 · 2023-02-16 13:15:47 -05:00 · 91600bb610
commit 91600bb610
parent 45b6ac81c3
8 changed files with 35 additions and 8 deletions
--- a/apps/browser/src/_locales/en/messages.json
+++ b/apps/browser/src/_locales/en/messages.json
@ -430,7 +430,14 @@
    "message": "Master password retype is required."
  },
  "masterPasswordMinlength": {
-    "message": "Master password must be at least 8 characters long."
+    "message": "Master password must be at least $VALUE$ characters long.",
+    "description": "The Master Password must be at least a specific number of characters long.",
+    "placeholders": {
+      "value": {
+        "content": "$1",
+        "example": "8"
+      }
+    }
  },
  "masterPassDoesntMatch": {
    "message": "Master password confirmation does not match."
--- a/apps/cli/src/auth/commands/login.command.ts
+++ b/apps/cli/src/auth/commands/login.command.ts
@ -373,8 +373,10 @@ export class LoginCommand {
      return this.updateTempPassword("Master password is required.\n");
    }

-    if (masterPassword.length < 8) {
-      return this.updateTempPassword("Master password must be at least 8 characters long.\n");
+    if (masterPassword.length < Utils.minimumPasswordLength) {
+      return this.updateTempPassword(
+        `Master password must be at least ${Utils.minimumPasswordLength} characters long.\n`
+      );
    }

    // Strength & Policy Validation
--- a/apps/desktop/src/locales/en/messages.json
+++ b/apps/desktop/src/locales/en/messages.json
@ -542,7 +542,14 @@
    "message": "Master password retype is required."
  },
  "masterPasswordMinlength": {
-    "message": "Master password must be at least 8 characters long."
+    "message": "Master password must be at least $VALUE$ characters long.",
+    "description": "The Master Password must be at least a specific number of characters long.",
+    "placeholders": {
+      "value": {
+        "content": "$1",
+        "example": "8"
+      }
+    }
  },
  "masterPassDoesntMatch": {
    "message": "Master password confirmation does not match."
--- a/apps/web/src/app/organizations/members/components/reset-password.component.ts
+++ b/apps/web/src/app/organizations/members/components/reset-password.component.ts
@ -20,6 +20,7 @@ import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwo
 import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
 import { PolicyService } from "@bitwarden/common/abstractions/policy/policy.service.abstraction";
 import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
+import { Utils } from "@bitwarden/common/misc/utils";
 import { EncString } from "@bitwarden/common/models/domain/enc-string";
 import { MasterPasswordPolicyOptions } from "@bitwarden/common/models/domain/master-password-policy-options";
 import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetric-crypto-key";
@ -112,7 +113,7 @@ export class ResetPasswordComponent implements OnInit, OnDestroy {
      this.platformUtilsService.showToast(
        "error",
        this.i18nService.t("errorOccurred"),
-        this.i18nService.t("masterPasswordMinlength")
+        this.i18nService.t("masterPasswordMinlength", Utils.minimumPasswordLength)
      );
      return false;
    }
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@ -698,7 +698,14 @@
    "message": "Master password retype is required."
  },
  "masterPasswordMinlength": {
-    "message": "Master password must be at least 8 characters long."
+    "message": "Master password must be at least $VALUE$ characters long.",
+    "description": "The Master Password must be at least a specific number of characters long.",
+    "placeholders": {
+      "value": {
+        "content": "$1",
+        "example": "8"
+      }
+    }
  },
  "masterPassDoesntMatch": {
    "message": "Master password confirmation does not match."
--- a/libs/angular/src/auth/components/change-password.component.ts
+++ b/libs/angular/src/auth/components/change-password.component.ts
@ -10,6 +10,7 @@ import { PolicyService } from "@bitwarden/common/abstractions/policy/policy.serv
 import { StateService } from "@bitwarden/common/abstractions/state.service";
 import { KdfConfig } from "@bitwarden/common/auth/models/domain/kdf-config";
 import { KdfType } from "@bitwarden/common/enums/kdfType";
+import { Utils } from "@bitwarden/common/misc/utils";
 import { EncString } from "@bitwarden/common/models/domain/enc-string";
 import { MasterPasswordPolicyOptions } from "@bitwarden/common/models/domain/master-password-policy-options";
 import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetric-crypto-key";
@ -120,7 +121,7 @@ export class ChangePasswordComponent implements OnInit, OnDestroy {
      this.platformUtilsService.showToast(
        "error",
        this.i18nService.t("errorOccurred"),
-        this.i18nService.t("masterPasswordMinlength")
+        this.i18nService.t("masterPasswordMinlength", Utils.minimumPasswordLength)
      );
      return false;
    }
--- a/libs/angular/src/components/register.component.ts
+++ b/libs/angular/src/components/register.component.ts
@ -171,6 +171,8 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
          return this.i18nService.t("masterPassDoesntMatch");
        case "inputsMatchError":
          return this.i18nService.t("hintEqualsPassword");
+        case "minlength":
+          return this.i18nService.t("masterPasswordMinlength", Utils.minimumPasswordLength);
        default:
          return this.i18nService.t(this.errorTag(error));
      }
--- a/libs/common/src/misc/utils.ts
+++ b/libs/common/src/misc/utils.ts
@ -31,7 +31,7 @@ export class Utils {
  static regexpEmojiPresentation =
    /(?:[\u231A\u231B\u23E9-\u23EC\u23F0\u23F3\u25FD\u25FE\u2614\u2615\u2648-\u2653\u267F\u2693\u26A1\u26AA\u26AB\u26BD\u26BE\u26C4\u26C5\u26CE\u26D4\u26EA\u26F2\u26F3\u26F5\u26FA\u26FD\u2705\u270A\u270B\u2728\u274C\u274E\u2753-\u2755\u2757\u2795-\u2797\u27B0\u27BF\u2B1B\u2B1C\u2B50\u2B55]|\uD83C[\uDC04\uDCCF\uDD8E\uDD91-\uDD9A\uDDE6-\uDDFF\uDE01\uDE1A\uDE2F\uDE32-\uDE36\uDE38-\uDE3A\uDE50\uDE51\uDF00-\uDF20\uDF2D-\uDF35\uDF37-\uDF7C\uDF7E-\uDF93\uDFA0-\uDFCA\uDFCF-\uDFD3\uDFE0-\uDFF0\uDFF4\uDFF8-\uDFFF]|\uD83D[\uDC00-\uDC3E\uDC40\uDC42-\uDCFC\uDCFF-\uDD3D\uDD4B-\uDD4E\uDD50-\uDD67\uDD7A\uDD95\uDD96\uDDA4\uDDFB-\uDE4F\uDE80-\uDEC5\uDECC\uDED0-\uDED2\uDED5-\uDED7\uDEEB\uDEEC\uDEF4-\uDEFC\uDFE0-\uDFEB]|\uD83E[\uDD0C-\uDD3A\uDD3C-\uDD45\uDD47-\uDD78\uDD7A-\uDDCB\uDDCD-\uDDFF\uDE70-\uDE74\uDE78-\uDE7A\uDE80-\uDE86\uDE90-\uDEA8\uDEB0-\uDEB6\uDEC0-\uDEC2\uDED0-\uDED6])/g;
  static readonly validHosts: string[] = ["localhost"];
-  static readonly minimumPasswordLength = 10;
+  static readonly minimumPasswordLength = 12;

  static init() {
    if (Utils.inited) {