Passwords

Metabase can allow authentication via email and password.

Metabase offers a couple controls for administrators who prefer to increase the password requirements on their user accounts.

export MB_PASSWORD_COMPLEXITY=strong export MB_PASSWORD_LENGTH=10

Copy

Copied

The settings above can be used independently, so it’s fine to use only one or the other. By default Metabase use complexity = normal and a password length of 6. The following options are available for complexity choice:

  • weak = no character constraints
  • normal = at least 1 digit
  • strong = minimum 8 characters w/ 2 lowercase, 2 uppercase, 1 digit, and 1 special character

By default, Metabase also prevents users from setting passwords that are in a list of common passwords (like qwerty123 and passw0rd). Changing the complexity requirement to weak disables this behavior.

Disabling password logins is only available on Pro and Enterprise plans (both self-hosted and on Metabase Cloud).

On Pro and Enterprise plans, you can require people to log in with SSO by disabling password authentication from Admin settings > Authentication.

Read docs for other versions of Metabase.