Skip to main content
All CollectionsUser Accounts
Password Requirements
Password Requirements
Dec Norton avatar
Written by Dec Norton
Updated over a year ago

When creating or updating a user’s password, there are some rules that must be followed.

Minimum length

The new password must be at least 8 characters long. If not, the user will receive the following error message: The password must be at least 8 characters.

ℹ️ DSC requirements state that a password must be a minimum of 8 characters, un-compromised here.

Secure password

How to choose a secure password can be summarised into two criteria:

  • Avoid using common passwords

  • Using passwords that have not appeared in a password data leak

Using common passwords is not recommended for several reasons. Firstly, it makes it easier for hackers to gain unauthorised access to your accounts.

⚠️ Cybercriminals often use automated tools to quickly guess or crack commonly used passwords, such as "123456" or "password". By choosing a strong and unique password, you significantly increase the security of your online accounts.

Secondly, using common passwords puts multiple accounts at risk. Many people reuse the same password across multiple platforms and services, making them vulnerable to credential stuffing attacks. If one account is compromised due to a weak password, attackers can easily try the same combination on other websites or applications.

Lastly, common passwords lack complexity and are easy to remember. While this may seem convenient initially, it also means they are easier for others to guess. This includes not only malicious actors but also acquaintances who might have some knowledge about your personal life.

Password data leaks

A password data leak refers to the unauthorised disclosure or exposure of passwords stored by an organisation or individual. This can occur due to cyber attacks, insecure storage practices, weak encryption algorithms, or human error. Once obtained by attackers, leaked passwords can be used for identity theft and financial fraud.

CareLineLive checks that the password entered is secure. If it’s deemed insecure, the user will receive the following error message: The given password has appeared in a data leak, please use a different password.

Did this answer your question?