DEF-002 — Password requirements missing (Password validation)

Medium severity

Pending Retest

Defect DEF-002 — Severity: Medium · Status: Pending Retest

Published

2025-12-26

DEF-002 — Password requirements missing (Password validation)

Summary

Password requirements are not documented or communicated anywhere in the app. Users have no way to know what constitutes a valid password (minimum length, complexity rules, special characters, etc.). During account creation and password change flows, if a password is rejected, the error message does not explain what the requirements are, leaving users unable to create valid passwords.

Environment

Platform: DriveLink iOS App
Area: Authentication
Requirement(s): FR-51
Date Reported: 2025-12-26
Testing Phase: iOS App Initial Execution (3rd Milestone)

Steps to Reproduce

Go to Create Account or Change Password
Look for password requirements documentation
Observe no requirements are displayed
Enter various passwords and observe generic error with no guidance on what makes a valid password

Expected Behaviour

Password requirements must be clearly documented and displayed to users during registration and password change flows. Requirements should be shown inline (e.g., below the password field) or in a help/info icon. Error messages should specify which requirements are not met.

Actual Behaviour

Impact

Users cannot know what password format is valid
Increases registration/password change failures and frustration
Blocks proper testing and validation of password strength implementation (FR-51)

Severity

Medium

Status

Pending Retest (as of the February 8, 2026 status report) - Dev Fix Claimed: Yes - Note: Developer claims fixed with password validation popup — awaiting verification

Reported By

QA / Testing Team