创建强密码

使用密码管理器使用强大且唯一的密码保护你的 npm 账户。

¥Secure your npm account with a strong and unique password using a password manager.

你必须为你的 npm 账户选择或生成一个密码：

¥You must choose or generate a password for your npm account that:

超过 10 个字符

¥is longer than 10 characters
不匹配或明显包含你的用户名，例如不要使用 'username123'

¥does not match or significantly contain your username, e.g. do not use 'username123'
没有被 Have I Been Pwned 泄露数据库入侵和知晓

¥has not been compromised and known to the Have I Been Pwned breach database

为确保你的账户安全，我们建议你遵循以下最佳做法：

¥To keep your account secure, we recommend you follow these best practices:

使用密码管理器（例如 1Password）生成超过 16 个字符的密码。

¥Use a password manager, such as 1Password, to generate a password more than 16 characters.
为 npm 生成唯一密码。如果你在其他地方使用你的 npm 密码并且该服务受到威胁，那么攻击者或其他恶意行为者可能会使用该信息访问你的 npm 账户。

¥Generate a unique password for npm. If you use your npm password elsewhere and that service is compromised, then attackers or other malicious actors could use that information to access your npm account.
为你的账户配置双重身份验证。有关详细信息，请参阅 "关于双重身份验证。"

¥Configure two-factor authentication for your account. For more information, see "About two-factor authentication."
永远不要分享你的密码，即使是与潜在的合作者。每个人都应该在 npm 上使用自己的个人账户。有关协作方式的更多信息，请参阅："npm 组织".

¥Never share your password, even with a potential collaborator. Each person should use their own personal account on npm. For more information on ways to collaborate, see: "npm organizations".

当你输入密码以登录、创建账户或更改密码时，npm 将根据 HaveIBeenPwned 等数据集检查你输入的密码是否被认为是弱密码。即使你以前从未使用过该密码，该密码也可能被识别为弱密码。

¥When you type a password to sign in, create an account, or change your password, npm will check if the password you entered is considered weak according to datasets like HaveIBeenPwned. The password may be identified as weak even if you have never used that password before.

npm 仅在你输入密码时检查密码，从不以明文形式存储你输入的密码。有关详细信息，请参阅 HaveIBeenPwned。

¥npm only inspects the password at the time you type it, and never stores the password you entered in plaintext. For more information, see HaveIBeenPwned.