Using the default authentication provided by Grafana, are there any restrictions on valid passwords? I was wondering if users can provide blank passwords, even - if we just want to let Viewer users have separate accounts for their preferences but not care about who logs in as who?
hi @jdxjohn!
This was an interesting question! to enforce requirements, we recommend using an external authentication provider, there isn’t a password policy enforced by grafana per this issue:
https://localhost:3000/t/define-password-policy-in-grafana-7-3-7/46065
Out of curiosity, I tried changing a password to a blank string (a single space character) and saw an error that it was too short. It appears that at least 4 characters are required - it accepted four spacebar characters. But the password cannot be left empty.
1 Like
I saw that question but we’re not in a position to implement that right now so I wondered if there was a simple option to disable passwords for named users.
Thanks for testing - this seems a good enough workaround or we could simply tell everyone to use the same well-known “non password” like “letmein” or “password”.