Applies to: VisualSVN Server 5.0 and later
When using Subversion authentication in VisualSVN Server, it is recommended to use a strong password policy. This article describes available options for enforcing the password policy requirements.
Managing password policy
The password policy can be turned on and off by a server administrator. The password policy requirements are enforced when users change their passwords in the server’s web interface. If a new password does not meet the password policy requirements, the error message "The new password does not meet the length or complexity requirements" is displayed.
The password policy requirements are also enforced upon passwords that are set using VisualSVN Server Manager or PowerShell. However, in this case, the administrator is given an option to proceed with setting a password even if it does not meet the requirements.
Minimum password length
The Minimum password length option specifies the minimum number of characters that must be in a password. It can be set to any number greater than zero. The default minimum password length is 8.
Require complex passwords
When the Require complex passwords checkbox is selected, passwords must contain characters from at least three of the following categories:
- Uppercase letters (A through Z).
- Lowercase letters (a through z).
- Digits (0 through 9).
- Special characters (~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/).