How does Asgardeo increase password complexity?

Kayathiri Mahendrakumaran
Identity Beyond Borders
3 min read · Jan 25, 2023

Having a strong password is one of the most important steps in protecting your online accounts. Weak passwords can be easily guessed or cracked, which can lead to identity theft, financial loss, and other serious consequences.

Please check my previous article “Make passwords hard to guess!” to get an idea of making your password more complex.

Asgardeo lets organization owners decide how complex their users’ passwords must be.

Steps to manage the complexity of the password of your organization

  1. Navigate to https://console.asgardeo.io
  2. Log in to your organization (You can create a new account if you are new to Asgardeo)
  3. Navigate to the manage section
  4. Click Account Security -> Password Validation
Asgardeo — Account Security

You will see a page similar to the one below, where you can decide on the password complexity. By default, a password requires a minimum length of 8 characters, including at least one number, one upper-case letter, one lower-case letter, and one non-alphanumeric character.

Password Validation Configuration

The following are the supported criteria:

  • Number of characters
  • The type of characters to be added
    - Number (0–9)
    - Upper-case character (A-Z)
    - Lower-case character (a-z)
    - Non-alphanumeric character (!@#$%^&*)
  • Unique character — This is an optional validation that enforces a minimum number of different characters in the password.
  • Repeated character — This is an optional validation that restricts the maximum number of repeated characters that can be added.
    If this is enabled and set to 2, then passwords cannot have more than 2 repeated characters.
    Examples:
    password ✅
    passsword ❌
    pasSsword ✅

5. Configure the criteria you require.

6. Click update.

Now you have successfully configured the password validation criteria 👍.

Let’s see how this takes effect.

  1. Navigate to manage -> users
  2. Click add user
  3. Provide the username and other required attributes.
  4. Click set password

Option 1: Generate a password

5. Click generate

Generate password

Option 2: Manually add a password

6. Type a password and check the validation component below
- It validates the password dynamically as you type and displays the result to the user.

Password Validation

In addition to these, you can try out other flows like self-registration, password reset flow from My Account, and reset-password flows.
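The criteria listed under Password Validation can be mirrored in a small local checker, for example to pre-validate passwords in a sign-up form or in test fixtures. This is an added example, not Asgardeo's code: the policy field names are hypothetical, and it assumes "repeated characters" means a run of identical adjacent characters compared case-sensitively, which is consistent with the three examples above.

```javascript
// Added example: local checker for the password criteria described in this article.
// Field names are hypothetical; they are not Asgardeo configuration keys.
const defaultPolicy = {
  minLength: 8,       // defaults stated in the article
  minNumbers: 1,
  minUpperCase: 1,
  minLowerCase: 1,
  minSpecial: 1,
  minUnique: null,    // optional rule, off unless set
  maxRepeated: null,  // optional rule, off unless set
};

// Number of characters matching a (non-global) regex.
const count = (chars, re) => chars.filter((c) => re.test(c)).length;

// Longest run of identical adjacent characters, case-sensitive.
// Assumption: "repeated" means consecutive, as in password / passsword / pasSsword.
function longestRun(chars) {
  let best = 0, run = 0, prev = null;
  for (const c of chars) {
    run = c === prev ? run + 1 : 1;
    if (run > best) best = run;
    prev = c;
  }
  return best;
}

// Returns { valid, failures } where failures names each rule that was not met.
function validatePassword(password, overrides = {}) {
  const p = { ...defaultPolicy, ...overrides };
  const chars = Array.from(password); // iterate by code point, not UTF-16 unit
  const failures = [];
  if (chars.length < p.minLength) failures.push("minLength");
  if (count(chars, /[0-9]/) < p.minNumbers) failures.push("minNumbers");
  if (count(chars, /[A-Z]/) < p.minUpperCase) failures.push("minUpperCase");
  if (count(chars, /[a-z]/) < p.minLowerCase) failures.push("minLowerCase");
  if (count(chars, /[^A-Za-z0-9]/) < p.minSpecial) failures.push("minSpecial");
  if (p.minUnique !== null && new Set(chars).size < p.minUnique) failures.push("minUnique");
  if (p.maxRepeated !== null && longestRun(chars) > p.maxRepeated) failures.push("maxRepeated");
  return { valid: failures.length === 0, failures };
}

// Constructed sample run: the article's three examples with only the repeated-character rule set to 2.
const repeatOnly = { minLength: 0, minNumbers: 0, minUpperCase: 0, minLowerCase: 0, minSpecial: 0, maxRepeated: 2 };
for (const pw of ["password", "passsword", "pasSsword"]) {
  console.log(pw, validatePassword(pw, repeatOnly).valid);
}
```

A local check like this is only a convenience; the policy configured in the console is what decides whether a password is accepted.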

Thanks for reading!!!

Kayathiri Mahendrakumaran
Identity Beyond Borders

Senior Software Engineer 👨‍💻, WSO2 | Undergraduate👩‍🎓 , Computer Science & Engineering | Writer ✍️