Password strength config used for password settings in your project
Password strength config object
Fields
Whether to use the HaveIBeenPwned database to detect password breaches when a user first creates their password
Whether to use the HaveIBeenPwned database to detect password breaches when a user authenticates
Whether to require a password reset on authentication if a user’s current password doesn’t meet current policy requirements
The validation policy to use – either ZXCVBN or LUDS
(OPTIONAL) The minimum number of characters in a password if using a LUDS validation_policy. This field is ignored when using the ZXCVBN validation_policy. If present, this value must be a number in the range [8, 32].
(OPTIONAL) If using a LUDS validation_policy, the minimum number of "character types" in a password (Lowercase, Uppercase, Digits, Symbols). If present, this must be a number in the range [1, 4].