Set Minimum Password Length Firebase Email & Password Authentication

Question

When using Firebase\'s Email & Password setting it seems like there are no security constraints on the password.

For example I could create the following user:

Answer 1

There is currently no way to configure a minimum password length or strength for Firebase email+password Authentication.

You could build such a restriction into your app, but tech-savvy users can bypass that by calling the API. Or you could introduce a "isPasswordApproved" flag that only a server-side process can set, and then validate the password strength there. But neither of these sound very appealing.