Add support for requiring a minimum password strength
When the client uses BS-SPEKE to generate their SSSS key, the security of the user's account depends entirely on the strength of their password. Therefore we should do everything we can to help make sure that users pick good passwords.
For one, we could allow server admins to set a minimum password strength. For BS-SPEKE, the server never learns the raw password, so any strength requirement must be enforced by the client.
There are very reasonable, practical password strength estimators available now, for example Zxcvbn.
We could add a new `password_policy` section to the `params` for the BS-SPEKE `oprf` stages.
For example:
```json
{
  ...
  "params": {
    ...
    "m.enroll.bsspeke-ecc.oprf": {
      "curve": "curve25519",
      "hash_function": "blake2b",
      "phf_params": {
        "name": "argon2i",
        "iterations": 3,
        "blocks": 100000
      },
      "password_policy": {
        "minimum_zxcvbn": 3
      }
    }
  }
}
```
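
One way a client could enforce this policy before it starts the OPRF stage, as an added example that is not part of the original issue or the project's code. The function names and the injected `estimateScore` callback are assumptions; the 0 to 4 score range is zxcvbn's, and the sample params are constructed from the example above.

```javascript
// Added example: client-side enforcement of the proposed password_policy.
// estimateScore is an assumed injected callback returning a zxcvbn-style
// score (0..4), e.g. (pw) => zxcvbn(pw).score when using the zxcvbn library.
const ZXCVBN_MAX_SCORE = 4;
const STAGE = "m.enroll.bsspeke-ecc.oprf";

// Constructed sample, mirroring the params proposed above.
const SAMPLE_PARAMS = {
  [STAGE]: {
    curve: "curve25519",
    hash_function: "blake2b",
    phf_params: { name: "argon2i", iterations: 3, blocks: 100000 },
    password_policy: { minimum_zxcvbn: 3 },
  },
};

// Read the minimum score for one stage. A missing policy means no minimum;
// a malformed one throws, so the client fails closed instead of silently
// accepting a weak password.
function parsePasswordPolicy(params, stage) {
  const stageParams = params ? params[stage] : undefined;
  if (stageParams === null || typeof stageParams !== "object") {
    throw new Error(`no params for stage ${stage}`);
  }
  const policy = stageParams.password_policy;
  if (policy === undefined) return { minimumZxcvbn: 0 };
  if (policy === null || typeof policy !== "object" || Array.isArray(policy)) {
    throw new Error("password_policy must be an object");
  }
  const min = policy.minimum_zxcvbn;
  if (min === undefined) return { minimumZxcvbn: 0 };
  if (!Number.isInteger(min) || min < 0 || min > ZXCVBN_MAX_SCORE) {
    throw new Error(`minimum_zxcvbn must be an integer 0..${ZXCVBN_MAX_SCORE}`);
  }
  return { minimumZxcvbn: min };
}

// Check a candidate password locally; the raw password never leaves the client.
function checkPassword(password, params, stage, estimateScore) {
  const { minimumZxcvbn } = parsePasswordPolicy(params, stage);
  const score = estimateScore(password);
  if (!Number.isInteger(score) || score < 0 || score > ZXCVBN_MAX_SCORE) {
    throw new Error("estimator returned an invalid score");
  }
  return { ok: score >= minimumZxcvbn, score, required: minimumZxcvbn };
}
```

Because the check runs only in the client, the policy guides cooperating clients; the server has no way to verify that a given client applied it.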