Damodar Lohani for Appwrite

Protect Your Applications from Bad Passwords - Introducing Password History

If you are a developer, security is definitely one of your top concerns. When we built Appwrite, we wanted to help developers build secure applications faster. And we are always looking out for features that make our open-source back-end services more secure.

We may write the most secure APIs and applications, but if the end user chooses a terrible password, all our work would be for nothing. Users who select a simple, easily guessed password, or who repeat the same password over and over again even when changing it, make even the most secure applications vulnerable. With Appwrite version 1.3.0, we introduce a password history feature to tackle the problem of users repeatedly using the same password. We also introduce a password dictionary feature to tackle weak passwords, which is covered in another article. In this article, let's talk about Password History and why it is a valuable tool in your security arsenal.

๐Ÿ” Password History

Password history is especially important today, when online security breaches are becoming more common. By keeping track of their password history, users can ensure they are not repeating a password and can also be sure they are safe if there was a data breach previously.

The newly introduced password history feature is another step in making authentication more secure for end users. With this new feature, you can save users' last-used passwords and prevent them from being reused. By default, Password History is disabled and can be enabled through the project's Auth settings. You can also configure the number of passwords to remember; the maximum number of passwords that can be saved is 20. When you enable this feature, your users cannot reuse passwords they have previously used.
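A minimal sketch of the check a password history implies, added here as an example and not Appwrite's own code: because stored passwords are salted hashes, a new password has to be re-hashed against every remembered entry. The `PasswordHistory` class, the choice of PBKDF2-HMAC-SHA256 with 600,000 iterations, and counting the current password among the remembered ones are assumptions; only the default-off setting and the limit of 20 come from the article.

```python
import hashlib
import hmac
import os

MAX_HISTORY = 20  # upper bound stated in the article


class PasswordHistory:
    """Hypothetical per-user store of current and previous password hashes."""

    def __init__(self, limit=0, iterations=600_000):
        # limit == 0 models the feature being disabled, which is the default.
        if not 0 <= limit <= MAX_HISTORY:
            raise ValueError(f"limit must be between 0 and {MAX_HISTORY}")
        self.limit = limit
        self.iterations = iterations  # assumed PBKDF2 work factor
        self.entries = []  # (salt, digest) pairs, newest first

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, self.iterations
        )

    def was_used(self, password):
        """True if the password matches any remembered entry."""
        found = False
        # Every entry has its own salt, so the candidate is re-hashed per
        # entry. The loop never exits early and uses a constant-time compare,
        # so timing does not reveal which old password matched.
        for salt, digest in self.entries[: self.limit]:
            found |= hmac.compare_digest(self._hash(password, salt), digest)
        return found

    def set_password(self, password):
        """Store a new password; return False if the history forbids it."""
        if self.limit and self.was_used(password):
            return False
        salt = os.urandom(16)
        self.entries.insert(0, (salt, self._hash(password, salt)))
        # Keep at most `limit` hashes, but always the current one so the
        # user can still log in when history is disabled.
        del self.entries[max(self.limit, 1):]
        return True
```

The cost of a password change grows with the history size, since each remembered entry needs one full key-derivation run; that is one reason to cap the number of saved passwords.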

To configure the password history feature, visit Authentication in the dashboard and open the Security tab.

[Screenshot: Authentication security]

Once there, you can enable password history and set the number of passwords to save. Once you are done, click the Update button to save the changes.

[Screenshot: Enable password history feature]

Conclusion

Overall, the Password History feature, together with the password dictionary feature introduced in Appwrite 1.3, is a valuable tool for improving online security and preventing users from using vulnerable and repeated passwords. By enabling this feature, your users can ensure they are using strong, unique passwords that have not been previously compromised. If you have any queries or want to learn more about Appwrite, you can use the following resources.
