Password Generation Rules - Questions and Issues

Question

Greetings, All,

I realize that this is a new feature in beta, but the documentation for new password generation (Password AutoFill) seems somewhat incomplete and inconsistent. I'm filing a bug report, but I'm hoping someone might be able to shed some light here. I'm referring to the following documents:

Password Rules Validation Tool:
https://developer.apple.com/password-rules/
Password Rules Documentation:
https://developer.apple.com/documentation/security/password_autofill/customizing_password_autofill_rules

Question: How can square brackets be included as members of a custom <character-class>? Escaping with backslashes doesn't seem to help (at least, it's not accepted as valid by the Password Rules Validation Tool).
Question: How does the
```
max-consecutive:
```
option actually function? The word "consecutive" can have a few interpretations; it can indicate a repetition of the same character, but it can also imply a run of sequential characters. For example, if I include
```
max-consecutive: 2; in my rule descriptor string, which of the following would be rejected?
```
```
AAA, ABC, 111, 123, ###, #$%
```
Issue: The Documentation for
```
max-consecutive:
```
,
```
maxlength:
```
, and
```
minlength:
```
is either scrambled or missing. For example, the
```
max-consecutive:
```
reference says that it lets you specify the number of consecutive characters, but then later implies that it controls the maximum overall length of the password.
Issue: The
```
minlength:
```
option is undocumented, and is only shown in the samples below the reference.
Issue: The
```
maxlength:
```
option is not documented, nor can it be found in the samples below the reference. The only way to learn of its existence is to enable the option in the Password Rules Validation Tool.
Issue: The syntax "form" in the gray box in the Documentation's Overview section is incomplete. For example, it does not include either
```
maxlength:
```
or
```
minlength:
```
as possible options. Do additional options exist that are completely undocumented?
Issue: In the Password Rules Validation Tool, it is not actually possible to validate a password against the rules. That is, you can output a list of valid passwords, but you can not enter one (or a list) for validation.
Issue: Some systems would prefer to blacklist certain character group identifiers, or disallow individual characters included in those groups. A
```
rejected:
```
option should be available in addition to
```
allowed:
```
and
```
required:
```
.

Thanks for reading, and for any help you can provide... typing it all out helped me identify the issues. Next stop, RADAR!

Beta
iOS

961

Posted by

macserv

Reply

Add a Comment