[Esapi-user] ESAPI Question from the community
samantha.groves at owasp.org
Thu Nov 29 13:39:55 UTC 2012
Dear ESAPI List Members,
I was wondering if you could provide some assistance to Mr. Rohit Sharma,
cced into this message. I received a query from him today regarding an
ESAPI download. He got the download from here:
http://code.google.com/p/owasp-esapi-java/downloads/list . Please do have a
look and let me know if you are able to help.
Please see his message below:
I am using OWASP in a project to generate random password and also to
verify if password strength is strong enough. For both of these feature I
found incorrect documentation and incomplete implementation. I downloaded
2.0.1 version for Java. Here is couple of problems: 1- Verify password
method doesn't check if new password's length has minimum of 8 characters.
Doesn't even have configuration to support this feature, so I have to
program it further to make it happen.
2- Generate password method doesn't ensure that generated password has at
least one lower, upper, digit, and special character, so I have to improve
this feature as well. Please guide me if OWASP is aware of these missing
things or I am missing someting or got the incorrect version
Thank you very much in advance for your assistance.
*Samantha Groves, MBA*****
*OWASP Project Manager*
The OWASP Foundation
London, United Kingdom
Email: samantha.groves at owasp.org
Book a Meeting with Me <http://goo.gl/mZXdZ>
OWASP Contact US Form <http://owasp4.owasp.org/contactus.html>
New Project Application
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Esapi-user