
This article is part of a series:
• Registration – Activate a New Account by Email
• Spring Security Registration – Resend Verification Email
• Registration with Spring Security – Password Encoding
• The Registration API becomes RESTful
• Spring Security – Reset Your Password
• Registration – Password Strength and Rules
• Updating your Password
• Spring Security Registration Tutorial (current article)
• The Registration Process With Spring Security• Registration – Activate a New Account by Email
• Spring Security Registration – Resend Verification Email
• Registration with Spring Security – Password Encoding
• The Registration API becomes RESTful
• Spring Security – Reset Your Password
• Registration – Password Strength and Rules
• Updating your Password
Building a full-fledged, production-ready registration for your web application is oh so much more than just putting together a simple registration page.
There are a lot of questions that need to be answered:
- How do I verify the email addresses of new users?
- How do I properly and safely store user credentials?
- What if a user forgets their password?
- What about users changing their own password?
- How strong should passwords be? How can I enforce some sensible defaults in the app so that my users have good, strong passwords?
- What if I have more than one type of user? I need a good way to store roles and privileges.
- What about security questions? Should I even have them?
- How do I do all of this with good localization support? There are a lot of messages involved.

Registration Process Advanced
Security bottom
I just announced the new Learn Spring Security course, including the full material focused on the new OAuth2 stack in Spring Security 5:
>> CHECK OUT THE COURSESecurity footer banner


Learn the basics of securing a REST API with Spring
Get access to the video lesson