Update the Password Policy


In the password policy page inside the database connections page, the hyperlink to OWASP is no longer accessible and outdated.

The link is https://www.owasp.org/index.php/Authentication_Cheat_Sheet#Implement_Proper_Password_Strength_Controls.

I would highly suggest Auth0 to follow the NIST’s password guideline. Allow all special characters and emojis rather than limited set of special characters.

In the Password Policy documentation, you are only allowing these special characters !@#$%^&* and the OWASP even the NIST, don’t recommend limiting the special characters.

Hi @aj1337,

Thanks for the feedback! The best place to submit this type of information is through a feedback ticket. This is a direct line to our product team, and helps us improve the product. It also allows the product team to contact you if they require more information.

Let me know if you are unable to submit, and I will submit the feedback on your behalf.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.