Bug 213101

Summary: Update creation of passwords standards.
Product: WebKit Reporter: Joseph <jgrig2>
Component: FormsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED INVALID    
Severity: Major CC: ap, cdumez, jgrig2, wenson_hsieh
Priority: P2    
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
Attachments:
Description Flags
the password created by safari/webkit engine that would not be accepted. none

Joseph
Reported 2020-06-11 16:02:59 PDT
Created attachment 401690 [details] the password created by safari/webkit engine that would not be accepted. The template/formula that Safari/Webkit/Safari Tech. Preview uses to create a safe and secure password does not meet the standards for many websites. I have attached 1 example for the developer forum to create an account on the ARM architecture website. The criteria requested is : 8-16 characters, containing 3 out of 4 of the following: Lowercase characters, uppercase characters, digits (0-9), and one or more of the following symbols: @ # $ % ^ & * - _ + = [ ] { } | \ : ' , ? / ` ~ " ( ) ; . the created autofill password (see attachment 2) was rejected.
Attachments
the password created by safari/webkit engine that would not be accepted. (179.45 KB, image/png)
2020-06-11 16:02 PDT, Joseph 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Joseph
Comment 1 2020-06-11 16:04:12 PDT
I confirmed that this problem is replicated on safari and safari tech. preview.
Alexey Proskuryakov
Comment 2 2020-06-11 18:03:43 PDT
Password creation functionality is not part of WebKit. You can report the issue to Apple via http://feedbackassistant.apple.com Alternatively, this can be corrected in other ways: 1. Ideally, have the website provide an accurate pattern in the password form field, see <https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input#attr-pattern>. 2. Post an exception to <https://github.com/apple/password-manager-resources>.
Note You need to log in before you can comment on or make changes to this bug.