Password strength requirements
Certain combinations of security level and Helix Core Server applications releases require users to set "strong" passwords. Helix Core Server defines a strong password as:
- at least
dm.password.minlength
long, which, by default, is8
characters - contains at least two of the following :
- Uppercase letter(s)
- Lowercase letter(s)
- Non-alphabetic character(s)
Although abcd1234
is by default, considered a strong password in an environment with the security configurable set to 2
, it is too easy to guess.
To create secure password that is easy-to-remember:
- Start with a phrase, such as
Perforce
Enterprise-class Version Control.
- Make the phrase resemble a single word, such as
PEnterprise-classVC.
- Represent some letters with non-alphabetical characters:
PN2prI$-k|@zV(.
You can configure a minimum password length requirement on a site-wide
basis by setting the dm.password.minlength
configurable. For
example, to require passwords to be at least 16 characters in length, a
superuser can run:
$ p4 configure set dm.password.minlength=16
Passwords can be up to 1,024 characters in length. The default minimum password length is 8 characters.