Account password policy is too weak, too weak

  • 22 December 2021
  • 1 reply
  • 200 views

 With accepting the fact that there is no built in Multi Factor Authentication, it disappointed us that there is a very weak, basically no password policy. even “12345678”, or “password” are allowed as password  :face_palm_tone1::face_palm_tone1::face_palm_tone1::face_palm_tone1::face_palm_tone1::face_palm_tone1::face_palm_tone1:

 

For a tool which is not MFA capable, please create a password policy which is compliant with best practices, or give the Admins the option to create their own password policy. It is also advised to create al password blacklist to block people give such easy passwords as 12345678 for their accounts. It would be also helpful for you to gain customers who needs to comply with regulations and standards...


1 reply

Userlevel 7
Badge +6

@duygi -

There is an existing wish list idea for adding two factor authentication here which you can upvote: https://community.miro.com/wish-list-32/2fa-2-factor-authentication-2215

If you’d also want to add strong password validation to the wish list backlog, you can do so by reviewing the guidelines here: Wish List: Everything You Need to Know 🌠 | Miro

Kiron

Reply