Enable password complexity rules
Redis Enterprise Software provides optional password complexity rules that meet common requirements. When enabled, these rules require the password to have:
- At least 8 characters
- At least one uppercase character
- At least one lowercase character
- At least one number
- At least one special character
These requirements reflect v6.2.12 and later. Earlier versions did not support numbers or special characters as the first or the last character of a password. This restriction was removed in v6.2.12.
In addition, the password:
- Cannot contain the user’s email address or the reverse of the email address.
- Cannot have more than three repeating characters.
Password complexity rules apply when a new user account is created and when the password is changed. Password complexity rules are not applied to accounts authenticated by an external identity provider.
You can use the admin console or the REST API to enable password complexity rules.
Enable using the admin console
To enable password complexity rules using the admin console:
-
Go to Cluster > Security > Preferences, then select Edit.
-
In the Password section, turn on Complexity rules.
-
Select Save.
Enable using the REST API
To use the REST API to enable password complexity rules:
PUT https://[host][:port]/v1/cluster
{"password_complexity":true}
Deactivate password complexity rules
To deactivate password complexity rules:
-
Use the admin console:
-
Go to Cluster > Security > Preferences, then select Edit.
-
In the Password section, turn off Complexity rules.
-
Select Save.
-
-
Use the
clusterREST API endpoint to setpassword_complexitytofalse