If you're targeting your service to developers, you shouldn't set irritating password requirements like "alphanumerics and symbols". Whatever that means, because my password is still being rejected even though it satisfies both requirements (it has both letters and symbols).
Yet, you allow 4 character passwords ("4-100 characters"). What's the logic in that?
Edit: it looks like the password requirement is actually "any characters except whitespace". You should fix the error message.
Yet, you allow 4 character passwords ("4-100 characters"). What's the logic in that?
Edit: it looks like the password requirement is actually "any characters except whitespace". You should fix the error message.