# Password policy

Password complexity is configurable through a system-wide password policy setting. Exivity supports the following policies:

| Policy                                 | Rules                                                                                                                         |
| -------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- |
| *Length check*                         | Passwords must be at least 8 characters long.                                                                                 |
| *Length and dictionary check*          | Must pass rules above. Passwords must not be among the most common passwords (top 50.000).                                    |
| *Length, dictionary and entropy check* | Must pass rules above. Passwords must have a [Shannon entropy](https://www.shannonentropy.netmark.pl/) value of at least 3.5. |

To apply your desired password policy:&#x20;

1. &#x20;Go to **Administration > Settings > System**
2. &#x20;Select your choice from the dropdown menu:

![Password policy configuration](https://1141395848-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPRZvuYYNyI3vz1mar1l4%2Fuploads%2Ftjs22Yux2z2SkvCfgQW2%2Fpasswordpolicy.png?alt=media\&token=650d8ccb-81ab-4c71-b8bf-34f1864e5db4)

&#x20;3\.  Click **Update** to apply your changes.<br>