Password Authentication
SWITCH edu-ID Password Policy
SWITCH edu-ID passwords must meet the following requirements:
- Minimum length: The password must consist of at least 12 characters.
- Complexity: Depending on the length of the password, several character classes must be used (lower case character, uppercase characters, digits, punctuation symbols). Long passwords can be in lower case only.
- Patterns: The password must not contain repetitive characters (e.g. "aaaa", "1111"), sequences (e.g. "1234", "abcde") and common keyboard patterns (e.g. "qwertz", "asdf")
- Leaked passwords: Passwords must not be in the Have I been Pwned Passwords database that contains billions of leaked passwords. The passwords are securely checked via k-anonymity API.
As suggested by the NIST recommendations, no periodic password change is required.
Recommendations to Users of SWITCH edu-ID
We primarly recommend to use passwordless login with Passkeys. For users who prefer password-based authentication we recommend: