Password Policy: add documentation (#83208)

* add documentation * Update docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md --------- Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2025-02-25 18:55:37 -06:00 · 2024-03-01 03:56:26 -06:00 · 2024-03-01 03:56:26 -06:00 · 824c26cd5e
commit 824c26cd5e
parent 75b020c19d
1 changed files with 21 additions and 0 deletions
--- a/docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md
+++ b/docs/sources/setup-grafana/configure-security/configure-authentication/grafana/index.md
@ -112,6 +112,27 @@ To disable basic auth:
 enabled = false
 ```

+### Strong password policy
+
+By default, the password policy for all basic auth users is set to a minimum of four characters. You can enable a stronger password policy with the `password_policy` configuration option.
+
+With the `password_policy` option enabled, new and updated passwords must meet the following criteria:
+
+- At least 12 characters
+- At least one uppercase letter
+- At least one lowercase letter
+- At least one number
+- At least one special character
+
+```bash
+[auth.basic]
+password_policy = true
+```
+
+{{% admonition type="note" %}}
+Existing passwords that don't comply with the new password policy will not be impacted until the user updates their password.
+{{% /admonition %}}
+
 ### Disable login form

 You can hide the Grafana login form using the below configuration settings.