Password length rules

Hello.

I see that there is a possibility to change rules for minimum password length but can I somehow change maximum length. If I can’t, could you provide me an exact value of the current maximum length?

Hey there!

Current maximum length is 128:

https://auth0.com/docs/connections/database/password-strength.

Check out this doc as it will tell you how to specify required password length.

Thanks for the answer.
Unfortunately, I can’t find in this doc a way to change maximum length. Maybe I miss something?
Also, I managed to pass a password with length more than 128 to the user via the dashboard, also I can pass same password to the reset password form. So is this value actually correct or I am doing something wrong?

There is no way to change maximum length. That’s strange that you passed with longer password. Let me open an internal ticket for our engineering team to dive into it. Can you send me your tenant name via private message so we can investigate that?

1 Like

To confirm. You were able to create a password with a length > 128 characters and that user was able to login? Is that correct?

Yes, I can change password via dashboard with a length > 128 and user can login with it. Also possible with reset password form sent to user’s email.

1 Like

Perfect! Will reach out to you once I have an answer from our engineering team.

I managed to confirm it as well by setting up a user password of 150 characters. The engineering team confirmed it and they’re moving it to their backlog to fix it soon.