User Password Limit

Problem statement: Does Auth0 enforce a limit on the length of a user’s password? The Create User API does not seem to validate password length.

Solution: Although the API doesn’t explicitly reject requests for longer passwords, Auth0 will ignore differences after 72 chars in order to protect against potential DoS attacks.

Resources :books: :