/
User Password Requirements

User Password Requirements

QEST Platform 5.0 Documentation
Applies to all QEST Platform.

This article describes password requirements in QEST Platform.

Contents

Overview

These requirements are applied whenever a strong password is required. Spectra QEST strongly recommends requiring a strong password for all users, by setting the Strong Password Requirement option to true.

Requirements

  • Passwords must be at least 8 characters long.

    • There is no realistic maximum length

  • Passwords must not contain the user’s name or username.

  • Passwords must not contain words related to Spectra QEST products:

    • spectra

    • qest

    • qestlab

    • qestfield

  • Passwords that exist in a database of known passwords from data breaches are not allowed.

    • This requires that outbound connections to https://api.pwnedpasswords.com/ can be made. If these connections fail, this requirement will be ignored, but future logins will try to check the password against the password requirements again. To ensure that logins are reasonably fast, it is recommended that if Strong Password Requirements are in use that these connections are possible.

Configuration

The requirements can be enabled/disabled using the Strong Password Requirement option.

  • True: all users must choose a strong password (recommended)

  • False: System Administrators must choose a strong password, all other users may choose any password


Products described on these pages, including but not limited to QESTLab®, QESTNet, QESTField, QEST Web App, Construction Hive, and associated products are Trademarks () of Spectra QEST Australia Pty Ltd and/or related companies.

The content of this page is confidential. Do not share, duplicate or distribute without permission.

© 2021 Spectra QEST® Australia Pty Ltd and/or related companies.  Terms of Use and Privacy Statement


Related content

Integrity | Curiosity | Empathy | Unity

The content of this page is confidential and for internal Spectra QEST use only. Do not share, duplicate or distribute without permission.