Feature: Allow configuration to enforce 4 of 4 requirements when setting/resetting passwords Description: Currently all password levels require the user to meet 3 out of 4 requirements (special characters, numbers, lowercase, uppercase) when setting/resetting the password. It would be nice if the l…

Hey there everyone! I’ve got a bit of an update on this one. We just reviewed it with the Product Team and it’s a part of our flexible user journey initiative and is taken into account but as of now it doesn’t have any public timeline yet. Thank you!

Perhaps a broader issue of more flexible password policies, to include the request to allow passphrases (longer password, but not necessarily including special characters, numbers, different casing) - as per Password policy that supports passphrases / phrase passwords ?

+1 on requiring 4/4 as a pentest just now highlighted this

+1 on requiring 4/4. Flagged in a pentest as well.

I would urge everyone here to read the following articles re: password strength. I realize for some it may be a regulatory requirement but “complexity rules” do not improve your security posture. Complexity rules lead users directly to predictable (exploitable) patterns of behaviour. If your own sec…

Feature: Provide a short title of your feature request/feedback. We have a requirement from our security team for passwords to require at least one uppercase letter, lowercase letter, digit, and special character. The current password creation requirements only require 3 of 4 of those options. We w…

Hi @dmart , Thank you for creating this feedback request! There is already a feedback request created asking to support all password complexity options (4 of 4). Given that, I have gone ahead and merged the two feedback requests for consistency and tracking purposes. If you haven’t, I recommend u…

+1 for 4/4 requirement on password policy! Are there any public timelines on this one yet @konrad.sopala ?

Hey there! Unfortunately nothing public yet. As far as I know it’s a part of our flexible user journey initiative. As soon as I know the dates I’m gonna make sure to relay it here. Thank you!

Feature request: Password policy require 4 of 4 requirements

Product Feedback

Tetiana December 1, 2022, 1:19pm 26

Hi, all.
Is there any way to workaround this issue? It’s a huge blocker for us.
Thanks

Topic		Replies	Views
Facing a problem in the change password, Need All Four Character Types Mandatory Get Help auth0	2	1723	December 22, 2022
How to change the passwordstrength containsAtLeast settings? Get Help	2	1539	August 20, 2022
Enable all character types of the password strength policy Archived password , login , password-strength , password-policy	3	4486	October 25, 2021
How to enforce Password to use special characters Get Help user-management , user-password-management	5	183	September 24, 2025
Following OWASP 4.0 standards for password authentication Get Help security-question-concern , security-compliance	5	2566	February 23, 2026

Feature request: Password policy require 4 of 4 requirements

Related topics