Avoiding words in Passwords

I use software that uses Auth0 at least to validate passwords. As listed on this page: Password Options in Auth0 Database Connections,
users can be forced to avoid certain words in their password. Using the example on the page, as of now we couldn’t use the word “John” in a password but we could use joHn in a password.

Can validating a password be (custom) changed to have it avoid John whether a letter in that word is in lower case or in upper case? So “joHn” would be avoided as well?


@DavidAdam Hello David! Thanks for reaching out. I tried to replicate the issue you were having, but i was not able to successfully reproduce it. When signing up, I created a username and then entered various cases of a password containing that username. I was not able to successfully sign up. I would recommend turning on the Personal Data Toggle under the Password Policy section for your database connection.


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.