The Weak Password assertion checks whether the password you have used follows standard rules for password security.
The assertion is available only in security tests. Use this assertion with the Weak Authentication security scan.
Follow these steps:
 |
Open a security test.
Click Response Assertion next to the Weak Authentication scan.
Click
in the Assertions panel
In the New Assertions dialog, search for the Weak Password assertion or select it manually in the Security category.
Specify your requirements for password complexity.
 |
Here are the options you can set:
Option | Description | Example |
|---|---|---|
Minimum length | Sets the minimum length of a password. | alongpassword |
No QWERTY | Forbids keyboard character sequences. |
|
No Alphabetical | Forbids alphabetical sequences. |
|
No Numerical Sequences | Forbids number sequences. |
|
No Repeated Characters | Forbids character repeating. |
|
Digits | Sets the minimal number of digits. |
|
Non-Alphanumeric | Sets the minimal number of non-alphanumeric characters. |
|
Uppercase | Sets the required number of uppercase characters. |
|
Lowercase | Sets the required number of lowercase characters. |
|
Add more assertions to ensure the security of the tested service: