International evaluation criteria for the password complexity "strong"

Hello.

Is there an international evaluation criteria for the password complexity "strong" setting value of metabase?

strong = minimum 8 characters w/ 2 lowercase, 2 uppercase, 1 digit, and 1 special character

Hi @ed1216

I'm unsure what you mean by "international evaluation criteria", but we have worked on increasing security in the past few months. Still work in progress:
https://github.com/metabase/metabase/issues/15116

You can change complexity and length:
https://www.metabase.com/docs/latest/operations-guide/environment-variables.html#mb_password_complexity

If you want higher security, then use SSO:
https://www.metabase.com/docs/latest/faq/setup/how-do-i-integrate-with-sso.html