Skip to content
Snippets Groups Projects
Normal view Permalink
changing-password-complexity.md 935 B
Newer Older
Jeff Bruemmer's avatar
docs - frontmatter (#23272)  
Jeff Bruemmer committed
1 
---
Jeff Bruemmer's avatar
docs - readme titles (#25290)  
Jeff Bruemmer committed
2 
title: Password complexity
Jeff Bruemmer's avatar
docs - more restructuring (#24856)  
Jeff Bruemmer committed
3 4 
redirect_from:
  - /docs/latest/operations-guide/changing-password-complexity
Jeff Bruemmer's avatar
docs - frontmatter (#23272)  
Jeff Bruemmer committed
5 6 
---
Jeff Bruemmer's avatar
docs - readme titles (#25290)  
Jeff Bruemmer committed
7 
# Password complexity
mbvictoria's avatar
Operations guide breakout (#10569)
mbvictoria committed
8 9 10 11 12 13 14 15 16 17 18 

Metabase offers a couple controls for administrators who prefer to increase the password requirements on their user accounts.

    export MB_PASSWORD_COMPLEXITY=strong
    export MB_PASSWORD_LENGTH=10

The settings above can be used independently, so it's fine to use only one or the other.  By default Metabase use complexity = `normal` and a password length of 6.  The following options are available for complexity choice:

* `weak` = no character constraints
* `normal` = at least 1 digit
* `strong` = minimum 8 characters w/ 2 lowercase, 2 uppercase, 1 digit, and 1 special character
Noah Moss's avatar
Add deny list of common passwords (#15912)  
Noah Moss committed
19 20 

By default, Metabase also prevents users from setting passwords that are in a list of common passwords (like `qwerty123` and
Jeff Bruemmer's avatar
docs - readme titles (#25290)  
Jeff Bruemmer committed
21 
`passw0rd`). Changing the complexity requirement to `weak` disables this behavior.