Introduction
The forms in web2py are used to take inputs from users and perform actions on them by storing the data. The data provided by the users must be validated for security and to ensure it is not breached or mishandled. But how do we perform security validation on the user’s data? We have validators to handle this validation in web2py. Validators are the classes that are used to validate input fields and provide security to the data. Let’s learn about complexity and security validators in web2py in this article.
Complexity validators in web2py
The complexity validators validate the data format and enforce complexity requirements on the data fields. Mostly this validator is used for passwords to ensure they are in the required format. Let’s discuss the complexity validators and how to use them.
IS_STRONG
Whenever we provide a password in an input field in any form or registration page, it shows if the password is strong or not. We use the IS_STRONG validator in web2py to achieve this. This validator checks if a password is strong enough to be stored securely so it cannot be hacked or easily cracked by others.
min - defines the minimum length of the value
special - defines the minimum number of required special characters and what special characters can be included in the password.
upper - is the minimum number of upper case characters
invalid - defined the list of forbidden characters, by default invalid=' "'(double quote).
max - defines the maximum length of the value
lower - defines the minimum number of lower case characters
number - defines the minimum number of digit characters
error_message - displays an error message if the validation fails.
requiredPassword = IS_STRONG(min=8, max=20, invalid=’$’ special=2, upper=1, lower=1, number=1, error_message=”Password must contain the following: A lowercase letter, A capital (uppercase) letter, A number, Minimum 8 characters, Maximum 20 characters, Must not contain $ character”)
13+ registered 
