Picto thématique

Rule n° 198 - A mechanism raises the user's awareness regarding their password's level of security

A password must have a minimum level of complexity so that it cannot be easily guessed for malicious purposes. It is advisable to warn the user if the password he has chosen is not complex enough. Some systems even make it possible to inform the user of this on-line while entering the password.

#Accessibility #Security #Conception #Development


  • Inform users of the level of security of their selected passwords and, therefore, the risk of being hacked.


Entering the password leads to validation and a response indicating its degree of security, before final submission of the registration form or password change.


In any registration or password change form:
  • Enter a password and ensure that this entry leads to validation and a response indicating its degree of security, before the final submission of the form.
This validation can be more or less strict: check the number of characters, the absence of the account identifier in the password, the type of characters present, etc.

By Opquast - Read the license

Discover Opquast training and certification

The objective of these rules and the Opquast community mission is ‘making the web better’ for your customers and for everyone! Opquast rules cover the key major areas of risk that can negatively affect website users such as privacy, ecodesign, accessibility and security.

Opquast training has already allowed over 14,500 web professionals to have their skills certified. Train your teams or your students, contact us