Merge pull request #53571 from ClickHouse/password-complexity-req

Add password complexity requirements to docs
2024-11-27 01:51:59 +00:00 · 2023-08-29 12:42:30 +02:00 · 2023-08-29 12:42:30 +02:00 · 2c8cc7979f
commit 2c8cc7979f
parent 25eda7f358 679a983094
1 changed files with 26 additions and 0 deletions
--- a/docs/en/sql-reference/statements/create/user.md
+++ b/docs/en/sql-reference/statements/create/user.md
@ -40,6 +40,32 @@ There are multiple ways of user identification:
 - `IDENTIFIED WITH ssl_certificate CN 'mysite.com:user'`
 - `IDENTIFIED BY 'qwerty'`
 Password complexity requirements can be edited in [config.xml](/docs/en/operations/configuration-files). Below is an example configuration that requires passwords to be at least 12 characters long and contain 1 number. Each password complexity rule requires a regex to match against passwords and a description of the rule.
 ```xml
 <clickhouse>
    <password_complexity>
        <rule>
            <pattern>.{12}</pattern>
            <message>be at least 12 characters long</message>
        </rule>
        <rule>
            <pattern>\p{N}</pattern>
            <message>contain at least 1 numeric character</message>
        </rule>
    </password_complexity>
 </clickhouse>
 ```
 :::note
 In ClickHouse Cloud, by default, passwords must meet the following complexity requirements:
 - Be at least 12 characters long
 - Contain at least 1 numeric character
 - Contain at least 1 uppercase character
 - Contain at least 1 lowercase character
 - Contain at least 1 special character
 :::
 ## Examples
 1. The following username is `name1` and does not require a password - which obviously doesn't provide much security: