> For the complete documentation index, see [llms.txt](https://docs.airdev.co/canvas/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.airdev.co/canvas/5.0/canvas-functionality/miscellaneous/setting-your-password-policy.md). # Setting your password policy {% hint style="info" %} Setting your password policy in the admin portal will automatically update the password strength check throughout Canvas. {% endhint %} The Canvas template includes a built-in password strength check UI during the signup flow and anywhere the user is required to reset their password. By default, the minimum acceptable password strength is **medium**. You can manage the requirements for your password policy directly from the Admin portal of your application. From the left menu click on Settings > Password policy. ![](/files/hLIiDEQG2soCMyxq2qFp) {% hint style="warning" %} This Canvas feature uses Bubble's [password strength feature](https://manual.bubble.io/core-resources/elements/states#...s-password-strength) and not Bubble's built-in password policy feature (App Bubble editor > Settings tab > General tab > Privacy & Security section). {% endhint %} ### Password strength levels The password strength is calculated using Bubble's algorithm, which broadly incorporates the number of characters, use of uppercase versus lowercase characters, and use of numbers versus special characters. In Canvas, we use this number to determine the password strength levels: * **Very weak (0-19)** * Password length is less than 8 characters * No special character, number, or uppercase letter * Common words * **Weak (20-59)** * Password longer than or equal to 8 in length * Password includes at least one special character, number, or uppercase letter * **Medium (60-69)** * Password longer than or equal to 8 in length * Password includes at least two: special character, number, or uppercase letter * **Strong (70-79)** * Password longer than or equal to 8 in length * Includes a combination of special characters, numbers, and uppercase letters * \*75=Google suggested passwords * **Very strong (80-100)** * Password longer than or equal to 8 in length * Includes a combination of numbers and uppercase letters * Includes multiple special characters Here's the criteria Bubble uses to assess a password's strength: * 35 for having a password longer than or equal to 8 in length * 20 for having an uppercase letter * 10 for a lowercase letter * 10 for a number * 25 for special characters/symbols (anything not alphanumberical) * -100 for common passwords --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.airdev.co/canvas/5.0/canvas-functionality/miscellaneous/setting-your-password-policy.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.