I’m currently configuring the password strength of a DB Connection, I enabled to Good strength but couldn’t force the user to use all characters types, only 3 of 4.
So I was wondering what’s the point of increasing from Fair to Good if the user has the choice to not use the special characters?
That’s a known problem. There is no functional difference between “fair” and “good”… all “fair” passwords also pass the requirements for “good”. I believe the password settings page was going to be overhauled but haven’t seen mention of it in a while. It would be worthwhile submitting feedback to Auth0 on this.