Rodauth requires passwords to have at least 6 characters. You can modify the minimum length:
plugin :rodauth do enable :login, :logout, :create_account # Require passwords to have at least 8 characters password_minimum_length 8 end
You can use the disallow common passwords feature to prevent the usage of common passwords (the most common 10,000 by default).
You can use additional complexity checks on passwords via the password complexity feature, though most of those complexity checks are no longer considered modern security best practices and are likely to decrease overall security.
If you want complete control over whether passwords meet requirements, you can use the
password_meets_requirements? configuration method.
plugin :rodauth do enable :login, :logout, :create_account password_meets_requirements? do |password| #true if password meets requirements, false otherwise end end