Password policies contain the following properties for configuring the set of password validators that are invoked for add operations, modify operations, and password modify extended operations.
- The set of password validators that should be invoked. Zero or more validators can be configured.
- Indicates whether to allow administrators to set passwords that do not satisfy the password validation requirements.
No validators are included in the out-of-the-box configuration for the default
password validator. Unless the
--allowWeakRootUserPassword argument is
provided when running setup, or the equivalent option is chosen when setting up the
server in interactive mode, the passwords for root users and topology administrators are
subject to the following requirements:
- The password must contain at least 12 characters.
- The password must not be contained in a dictionary of common words in various languages
- The password must not be contained in a dictionary of commonly used passwords
skip-validation-for-administrators property is false by
default in both the default password policy and the policy for root users and topology