Weak Password Assertion
The Weak Password assertion checks whether the password you have used follows standard rules for password security.
Availability
The assertion is available only in security tests. Use this assertion with the Weak Authentication security scan.
Create an assertion
Follow these steps:
![]() |
Open a security test.
Click Response Assertion next to the Weak Authentication scan.
Click
in the Assertions panel
In the New Assertions dialog, search for the Weak Password assertion or select it manually in the Security category.
Setting up properties
Specify your requirements for password complexity.
![]() |
Here are the options you can set:
Option | Description | Example |
---|---|---|
Minimum length | Sets the minimum length of a password. | alongpassword |
No QWERTY | Forbids keyboard character sequences. |
|
No Alphabetical | Forbids alphabetical sequences. |
|
No Numerical Sequences | Forbids number sequences. |
|
No Repeated Characters | Forbids character repeating. |
|
Digits | Sets the minimal number of digits. |
|
Non-Alphanumeric | Sets the minimal number of non-alphanumeric characters. |
|
Uppercase | Sets the required number of uppercase characters. |
|
Lowercase | Sets the required number of lowercase characters. |
|
Other Security Assertions
Add more assertions to ensure the security of the tested service: