Skip to content

fix: align UI password minimum length with backend #1919

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
daryllimyt wants to merge 1 commit into from
Closed

fix: align UI password minimum length with backend #1919

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion frontend/src/components/auth/sign-up.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ const basicRegistrationSchema = z.object({
email: z.string().email().min(3, { message: "Required" }),
password: z
.string()
.min(12, "Password needs to be at least 12 characters long"),
.min(16, "Password needs to be at least 16 characters long"),
Comment on lines 98 to +100
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Jan 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Keep UI min length aligned with backend default

If the backend still uses the default 12‑character minimum (tracecat/config.py:102-103 and AuthSettingsUpdate default=12 in tracecat/settings/schemas.py), this change makes the sign‑up UI reject 12–15 character passwords that the API would accept, so users can be blocked from registering or forced to pick longer passwords than policy requires. This only manifests in environments where TRACECAT__AUTH_MIN_PASSWORD_LENGTH (or the stored auth settings) remains 12, so either use the configured value in the UI or update the backend defaults together to avoid the mismatch.

Useful? React with 👍 / 👎.

})
type BasicLoginForm = z.infer<typeof basicRegistrationSchema>

Expand Down
4 changes: 2 additions & 2 deletions frontend/src/components/auth/update-password-form.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@ import { useUserManager } from "@/lib/hooks"

const resetPasswordSchema = z
.object({
password: z.string().min(8, "Password must be at least 8 characters"),
password: z.string().min(16, "Password must be at least 16 characters"),
confirmPassword: z
.string()
.min(8, "Password must be at least 8 characters"),
.min(16, "Password must be at least 16 characters"),
})
.refine((data) => data.password === data.confirmPassword, {
message: "Passwords do not match",
Expand Down
2 changes: 1 addition & 1 deletion frontend/src/components/organization/org-settings-auth.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ export function OrgSettingsAuthForm() {
})) ?? [],
auth_require_email_verification:
authSettings?.auth_require_email_verification ?? false,
auth_min_password_length: authSettings?.auth_min_password_length ?? 12,
auth_min_password_length: authSettings?.auth_min_password_length ?? 16,
auth_session_expire_time_seconds:
authSettings?.auth_session_expire_time_seconds ?? 3600,
},
Expand Down