Password strength requirements

Certain combinations of security level and Helix Core Server applications releases require users to set "strong" passwords. Helix Core Server defines a strong password as:

  • at least dm.password.minlength long, which, by default, is 8 characters
  • contains at least two of the following :
    • Uppercase letter(s)
    • Lowercase letter(s)
    • Non-alphabetic character(s)

Although abcd1234 is by default, considered a strong password in an environment with the security configurable set to 2, it is too easy to guess.

Tip

To create secure password that is easy-to-remember:

  1. Start with a phrase, such as

    Perforce Enterprise-class Version Control.

  2. Make the phrase resemble a single word, such as

    PEnterprise-classVC.

  3. Represent some letters with non-alphabetical characters:

    PN2prI$-k|@zV(.

You can configure a minimum password length requirement on a site-wide basis by setting the dm.password.minlength configurable. For example, to require passwords to be at least 16 characters in length, a superuser can run:

$ p4 configure set dm.password.minlength=16

Passwords can be up to 1,024 characters in length. The default minimum password length is 8 characters.