Skip to main content

Checkup Documentation

Password minimal length

cms-settingskey-password-minimal-length

severity-high

Summary

Important Security Note: If your site has custom authorization configured this check may not be applicable.

Password Policies help keep your site secure by requiring newly created passwords to meet the criteria set within the Kentico Xperience settings (if you are utilizing Kentico Xperience's Authorization feature). Part of a good security practice is to require users to us a minimum length when creating a password. 


Check Logic

Constant Care for Kentico will ensure the Minimal length of password setting is at least 8 (default)

You can manage your settings for this checkup in the Constant Care for Kentico admin settings.


Verifying The Check

To determine what your site's Password Minimal Length is set to you can navigate to the Settings Application and then find the Security & Membership > Passwords settings.

From there you will want to find the Password Policy section and verify the Minimal Length setting. Many security experts recommend a minimal length of at least eight characters.

Changes to your site should only be made by an experienced Kentico Xperience developer. If you need assistance in making these changes please reach out to the Toolkit For Kentico team to be connected with a Kentico Xperience partner.