Password Policy
The password policy historically defined what made a valid password — minimum length and character requirements — in your workspace.
This policy no longer applies — sign-in is passwordless TestOrchestrator no longer uses passwords. Users sign in with an email magic link / one-time code, or with Google or GitHub — see Log In. There is no longer any point in the flow where a password is created or entered, so the password-policy settings below have no effect. The controls still appear on the Internal tab in Admin → Authentication and can still be saved, and are documented here for reference.
Settings reference
These settings still appear on the Internal tab under Admin → Authentication, in the Password Policy section, and are listed here for reference. They no longer affect sign-in.
| Setting | Default | Constraint | What it does |
|---|---|---|---|
| Minimum length | 12 | Min 12, max 64 | The minimum number of characters a password must contain. Cannot be set below 12. |
| Require lowercase (a–z) | On | — | Password must contain at least one lowercase letter. |
| Require uppercase (A–Z) | On | — | Password must contain at least one uppercase letter. |
| Require number (0–9) | On | — | Password must contain at least one digit. |
| Require special character | On | — | Password must contain at least one non-alphanumeric character (e.g., !, @, #). |
Validation rules on save
If you do edit these legacy values, the admin form still enforces two rules when you save:
- Minimum length floor: The value cannot be set below 12. If you enter a lower number, the save is rejected with an error.
- Minimum two character categories: At least two of the four character type requirements (lowercase, uppercase, number, special) must remain enabled. Disabling all four — or leaving only one — is not permitted.