Weak Password Assertion

Applies to ReadyAPI 3.53, last modified on May 15, 2024

The Weak Password assertion checks whether the password you have used follows standard rules for password security.


The assertion is available only in security tests. Use this assertion with the Weak Authentication security scan.

Create an assertion

Follow these steps:

Security tests: The Assertions panel

Click the image to enlarge it.

  1. Open a security test.

  2. Click Response Assertion next to the Weak Authentication scan.

  3. Click in the Assertions panel

In the New Assertions dialog, search for the Weak Password assertion or select it manually in the Security category.

Setting up properties

Specify your requirements for password complexity.

ReadyAPI: Configuring the Weak Password assertion

Click the image to enlarge it.

Here are the options you can set:

Option Description Example
Minimum length

Sets the minimum length of a password.


Forbids keyboard character sequences.

qwer asdf
No Alphabetical

Forbids alphabetical sequences.

abc ABC
No Numerical Sequences

Forbids number sequences.

1234 789
No Repeated Characters

Forbids character repeating.

AAA 111

Sets the minimal number of digits.


Sets the minimal number of non-alphanumeric characters.


Sets the required number of uppercase characters.


Sets the required number of lowercase characters.


See Also

Security Assertions
Basic Authorization Assertion
Sensitive Files Exposure Assertion
Cross Site Scripting Assertion
Sensitive Information Exposure Assertion

Highlight search results