4 changed files with 8 additions and 0 deletions
--- a/src/authentic2/api_views.py
+++ b/src/authentic2/api_views.py
@ -1571,6 +1571,7 @@ class ValidatePasswordAPI(BaseRpcView):
                {
                    'result': check.result,
                    'label': check.label,
+                    'tip': check.tip,
                }
            )
        result['ok'] = ok
--- a/src/authentic2/passwords.py
+++ b/src/authentic2/passwords.py
@ -59,6 +59,7 @@ class PasswordChecker(metaclass=abc.ABCMeta):
        def __init__(self, label, result):
            self.label = label
            self.result = result
+            self.tip = _('criteria met') if self.result else _('criteria unmet')

    @abc.abstractmethod
    def __call__(self, password, **kwargs):
--- a/src/authentic2/static/authentic2/js/password.js
+++ b/src/authentic2/static/authentic2/js/password.js
@ -99,6 +99,7 @@ a2_password_validate = (function () {

                    var $rule = $('<span class="a2-password-policy-rule"/>');
                    $rule.text(error.label)
+                    $rule.attr('title', error.tip)
                    $rule.appendTo($policyContainer);
                    $rule.toggleClass('a2-password-ok', error.result);
                    $rule.toggleClass('a2-password-nok', ! error.result);
--- a/tests/api/test_all.py
+++ b/tests/api/test_all.py
@ -1860,14 +1860,19 @@ def test_validate_password_regex(app, settings):
    assert len(response.json['checks']) == 5
    assert response.json['checks'][0]['label'] == '8 characters'
    assert response.json['checks'][0]['result'] is True
+    assert response.json['checks'][0]['tip'] == 'criteria met'
    assert response.json['checks'][1]['label'] == '1 lowercase letter'
    assert response.json['checks'][1]['result'] is True
+    assert response.json['checks'][1]['tip'] == 'criteria met'
    assert response.json['checks'][2]['label'] == '1 digit'
    assert response.json['checks'][2]['result'] is True
+    assert response.json['checks'][2]['tip'] == 'criteria met'
    assert response.json['checks'][3]['label'] == '1 uppercase letter'
    assert response.json['checks'][3]['result'] is True
+    assert response.json['checks'][3]['tip'] == 'criteria met'
    assert response.json['checks'][4]['label'] == 'must contain "ok"'
    assert response.json['checks'][4]['result'] is False
+    assert response.json['checks'][4]['tip'] == 'criteria unmet'

    response = app.post_json('/api/validate-password/', params={'password': 'x' * 8 + 'ok1X'})
    assert response.json['result'] == 1