Password Strength and Custom Database

karl · May 2, 2017, 10:48pm

I’m looking to increase our password policy’s strength and want to double-check something.

The documentation for Password Strength says the password validation only happens on sign-up or password change.
We have a custom database connection to import users from our old login database, some of whom will inevitably have passwords that wouldn’t match the new criteria.
As this is triggered on login not sign-up, the way I read it existing users will be able to carry on transferring their accounts to auth0 with no issues.

Can someone confirm this is the case?

Abhishek_Hingnikar1 · May 3, 2017, 12:28am

I tested by

Creating a custom db and then setting password policy to maximum and then logging in, no interruption faced.
Forcing enforced password policy on a non-strict connection with pre-existing users, no interruption faced.

There shouldn’t be any issues with migration.

Abhishek_Hingnikar1 · May 3, 2017, 12:28am

I tested by

Creating a custom db and then setting password policy to maximum and then logging in, no interruption faced.
Forcing enforced password policy on a non-strict connection with pre-existing users, no interruption faced.

There shouldn’t be any issues with migration.

Topic		Replies	Views
Enforcing password strength with custom database and no user migration Help password , custom-database , password-strength	2	2049	December 21, 2022
Does automatic migration to Auth0 requires to loosen password strength policy for existing users with weak passwords? Help migration	4	5435	September 4, 2019
Password strength change Help	2	1975	December 8, 2021
Custom Database Action Script - Force password change if low strength Help login-experience , new-universal-login-experience	3	376	March 15, 2024
Custom Password Policy on Auth0 Database Help password , custom , password-policy	2	5174	March 2, 2018

Password Strength and Custom Database

Related topics