UITextInputPasswordRules
WebKit engineer Daniel Bates submitted this proposal for consideration to the whatwg on March 1st. On June 6th, the WebKit team announced Safari Technology Preview Release 58, with support for strong password generation using the new passwordrules attribute. This announcement coincided with the release iOS 12 beta SDKs at WWDC, which included a new UITextInputPasswordRules API, along with a number of other password management features, including Security Code AutoFill and federated authentication.
→ nshipster.com/uitextinputpasswordrules/
Automatic Strong Passwords (iOS 12 / macOS Mojave) let Safari and your app generate truly random, high-entropy passwords that actually satisfy the site’s rules, no more “password too weak” after AutoFill.
The magic is the new Password Rules syntax.
Password Rules in a nutshell
A semicolon-separated list you put on the password field:
<!-- Web -->
<input type="password"
autocomplete="new-password"
passwordrules="required: upper; required: lower; required: digit; required: special; minlength: 12; max-consecutive: 3;">
// iOS
textField.textContentType = .newPassword
textField.passwordRules = UITextInputPasswordRules(descriptor:
"required: upper; required: lower; required: digit; required: special; minlength: 12; max-consecutive: 3;")
Available keys
required:/allowed:→upper,lower,digit,special,ascii-printable,unicode, or[abc123]custom setminlength:,maxlength:max-consecutive:(prevents 111 or aaa)
If you omit the attribute, the default is allowed: ascii-printable.
Why it matters
- Safari will only suggest passwords that 100 % match the rules → no more rejected suggestions.
- Users finally get 20+ character random passwords everywhere.
- You get NIST-compliant password policies (long + random, no stupid composition rules) with zero extra code.
Just add the passwordrules attribute (web) or set passwordRules (iOS) on every sign-up / change-password field and you’re done. The system does the rest.
Category:
Tags:
Year: