An extension of Text input that applies a password mask to the value. Additionally the Encrypt option is always enabled for Password inputs. Other fields and options match text input.
Password inputs support a couple additional validation options.
- Validate Pwned List – Calls the haveibeenpwned.com API to validate the password is not in any known hack lists. Uses partial hash transmission so only the first 6 characters of the SHA256 hash are transmitted. This validation is performed server-side, so it is only performed when the user attempts to advance to the next page.
- Number of Character Classes – Can be used to validate the user has entered a minimum number of types of character. The possible classes are A-Z, a-z, 0-9, and symbols.
Because password inputs are always encrypted they require special handling in workflow actions:
To access an encrypted value from a workflow, use the
Decipher(value) function (defined in Special Value functions).
NOTE: Decipher does NOT simply return a plaintext version of the value. Instead it makes a placeholder wrapper around the value like this:
[ec:<value>]. This value is then replace with the plaintext version of the value by the workflow engine when the workflow is executed by the Panel Service agent. This behavior allows the value to be redacted in the saved workflow history. It also means that when passing encrypted values to MIM Test Fixtures via the workflow engine you must explicitly create a separate Memo for each encrypted value, rather than simply passing the entire form
Please sign in to leave a comment.