Weak Password Policy on Signup at https://accounts.bistudio.com/auth

Disclosed: 2018-09-18 14:10:18 By hack2684 To bohemia
Vulnerability Details
Hi,

I found that you are using a weak password policy, because a user can set his password to be the same as his email address!

Steps to reproduce:

1. Register an account with the email address "[email protected]".
2. Also set the password "[email protected]". You can see both values are the same.

You will be successfully registered with this information, which can be easily guessed by anyone.

Kindly restrict user that password should be same as Email address!

Thanks,

## Impact

The password should not match the email address, because if the password is the same as the email address then the account can be compromised easily!
Report Stats
  • Report ID: 407973
  • State: Closed
  • Substate: informative
  • Upvotes: 6