Canvas Manual
5.1
Search
K
Comment on page

Setting your password policy

Setting your password policy in the admin portal will automatically update the password strength check throughout Canvas.
The Canvas template includes a built-in password strength check UI during the signup flow and anywhere the user is required to reset their password. By default, the minimum acceptable password strength is medium.
You can manage the requirements for your password policy directly from the Admin portal of your application. From the left menu click on Settings > Password policy.
This Canvas feature uses Bubble's password strength feature and not Bubble's built-in password policy feature (App Bubble editor > Settings tab > General tab > Privacy & Security section).

Password strength levels

The password strength is calculated using Bubble's algorithm, which broadly incorporates the number of characters, use of uppercase versus lowercase characters, and use of numbers versus special characters. In Canvas, we use this number to determine the password strength levels:
  • Very weak (0-19)
    • Password length is less than 8 characters
    • No special character, number, or uppercase letter
    • Common words
  • Weak (20-59)
    • Password longer than or equal to 8 in length
    • Password includes at least one special character, number, or uppercase letter
  • Medium (60-69)
    • Password longer than or equal to 8 in length
    • Password includes at least two: special character, number, or uppercase letter
  • Strong (70-79)
    • Password longer than or equal to 8 in length
    • Includes a combination of special characters, numbers, and uppercase letters
    • *75=Google suggested passwords
  • Very strong (80-100)
    • Password longer than or equal to 8 in length
    • Includes a combination of numbers and uppercase letters
    • Includes multiple special characters
Here's the criteria Bubble uses to assess a password's strength:
  • 35 for having a password longer than or equal to 8 in length
  • 20 for having an uppercase letter
  • 10 for a lowercase letter
  • 10 for a number
  • 25 for special characters/symbols (anything not alphanumberical)
  • -100 for common passwords
Previous
Cookie and consent banner
Next
Set up Payment info on Account page