You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
They claim that overly strict policies have negative effects as users work around them using repetition or easy to guess replacements (a to @, i|l to !).
Preferred mechanisms to support security is common word dictionaries and 2FA.
The text was updated successfully, but these errors were encountered:
@stuartc@amberrignell what's the acceptance criteria of this issue ? Is it only "It should be at least 8 characters long" or do you have other ideas about rules to validate the password ?
As a user concerned about security, I want to ensure all users have strong/secure passwords.
It should be at least 8 characters long.
Here is an interesting article from Microsoft around password policies: https://docs.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide
They claim that overly strict policies have negative effects as users work around them using repetition or easy to guess replacements (
a
to@
,i|l
to!
).Preferred mechanisms to support security is common word dictionaries and 2FA.
The text was updated successfully, but these errors were encountered: