The return message for the maximum length message is misleading
"The password must be fewer than ' + owasp.configs.maxLength + ' characters."
should say something like the following:
"The password must be _at most_ ' + owasp.configs.maxLength + ' characters."
The return message for the maximum length message is misleading
"The password must be fewer than ' + owasp.configs.maxLength + ' characters."
should say something like the following:
"The password must be _at most_ ' + owasp.configs.maxLength + ' characters."