
# Password Options in Auth0 Database Connections

> Auth0's Password Options allow you to disallow users from repeating prior passwords, to customize a password dictionary of passwords to disallow, and to disallow passwords related to the user's personal data.

<Warning>
  The **Password History**, **Password Dictionary**, and **Personal Data** options are available for database connections that use the Auth0 data store and for custom database connections with import mode enabled. Password restrictions for Social and Enterprise connections are enforced by each provider.
</Warning>

When using passwords for authentication, you should enforce the creation of unique passwords. A strong password policy will make it difficult, if not improbable, for a <Tooltip href="/docs/fr-ca/glossary?term=bad-actors" tip="Bad actors
Entities that pose a threat to a business or environment, with the intent to cause harm." cta="View glossary">bad actor</Tooltip> to guess a password through either manual or automated means.

Important facets of strong passwords are their uniqueness and difficulty to guess. Auth0's password options for database connections allow you to force your users to make better decisions when choosing their passwords.

<Frame>
  <img src="https://mintcdn.com/docs-staging-actions-triggers-prototype/iE4AgtxPSHgKpjkm/docs/images/fr-ca/cdy7uua7fh8z/1vqXxz0OD7hNLYLwrZZzIe/69da978ea21345366682968a270058a0/2025-02-25_10-33-44.png?fit=max&auto=format&n=iE4AgtxPSHgKpjkm&q=85&s=8491b8044753a8693dd0791721abaa9f" alt="Password Options" width="702" height="559" data-path="docs/images/fr-ca/cdy7uua7fh8z/1vqXxz0OD7hNLYLwrZZzIe/69da978ea21345366682968a270058a0/2025-02-25_10-33-44.png" />
</Frame>

The Password Options area is located at [Auth0 Dashboard > Authentication > Database](https://manage.auth0.com/#/connections/database). Choose the database connection you wish to update and select the **Authentication Methods** tab. In the Password section, select **Configure**.

The **Password Policy** settings page lets you configure the [Password Strength Policy](/docs/fr-ca/authenticate/database-connections/password-strength) as well as the following password options.

## Password history

Enabling this option disallows users from setting passwords that repeat passwords they've used in the recent past. Auth0 can retain a password history for each user, up to a maximum of 24 entries per user. Note that when this option is enabled, only password changes going forward will be affected because the history will not have been kept prior to that point.

Even if you do not have a required password change policy (for example, forcing users to change passwords every six months), you still may want to disallow the use of previous passwords. For example, if a security breach in your organization causes you to force users to change their passwords everywhere, you will want to ensure they aren't just re-using passwords that might be compromised.

## Password dictionary

Enabling this option disallows users from setting passwords to common options included in a [default dictionary list](https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10k-most-common.txt). You may also include your own prohibited passwords by entering them in the text field in this section.

Note that Auth0 uses case-insensitive comparison with the Password Dictionary feature.

## Personal data

Enabling this option disallows users from setting passwords that contain any part of their personal data. This includes:

* `name`
* `username`
* `nickname`
* `user_metadata.name`
* `user_metadata.first`
* `user_metadata.last`
* The first part of the user's email address is also checked: `firstpart`@example.com

For example, if the user's name were "John", the user would not be allowed to include "John" in their password; `John1234` would not be allowed.

## API access

Because password options are associated with a Database connection, you can access them using the <Tooltip href="/docs/fr-ca/glossary?term=management-api" tip="Management API
A product that allows customers to perform administrative tasks." cta="View glossary">Management API</Tooltip>'s [Connections endpoints](/docs/fr-ca/api/management/v2#!/Connections). Password-related fields are stored in the `options` object. Because these fields are not used for non-database connections, they are not required, so if they are not enabled for a connection, they may not appear.

For example, after setting a password policy, a MySQL database connection will look like this:

```json
{
  "id": "con_9dKKcib71UMRiHHW",
  "options": {
    "password_history": {
      "enable": true,
      "size": 5
    },
    "password_dictionary": {
      "enable": true,
      "dictionary": [
        "entry1",
        "entry2"
      ]
    },
    "password_no_personal_info": {
      "enable": true
    },
    "passwordPolicy": "fair"
  },
  "strategy": "auth0",
  "name": "MySQL"
}
```

In this example, we can see from the `options` object that all three password options are enabled, password history will store the 5 most recent passwords, and each password will be cross-checked against two dictionary entries: `entry1` and `entry2`.

If you are [creating a connection](/docs/fr-ca/api/management/v2#!/Connections/post_connections) or [updating an existing connection](/docs/fr-ca/api/management/v2#!/Connections/patch_connections_by_id) using the Management API, you can update the password policy for the connection using these fields.
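The following is an added example, not Auth0 code: it audits a connection object for the three password options (treating absent fields as disabled) and builds an update body that keeps every other key in `options`, because the Management API replaces the whole `options` object on update. The function names, the sample connection and the lower bound of 1 on the history size are assumptions.

```python
import copy
import json

MAX_HISTORY = 24  # maximum history entries per user, as stated on this page
PASSWORD_OPTIONS = ("password_history", "password_dictionary",
                    "password_no_personal_info")


def audit_password_options(connection):
    """Return a list of findings for one connection object."""
    if connection.get("strategy") != "auth0":
        return ["not a database connection: password options do not apply"]
    options = connection.get("options") or {}
    findings = []
    for key in PASSWORD_OPTIONS:
        # Fields that were never enabled may be absent, so a missing key
        # is treated the same as enable=false.
        if not (options.get(key) or {}).get("enable", False):
            findings.append(f"{key} is not enabled")
    history = options.get("password_history") or {}
    if history.get("enable") and not 1 <= (history.get("size") or 0) <= MAX_HISTORY:
        findings.append(f"password_history.size must be between 1 and {MAX_HISTORY}")
    return findings


def build_patch_body(connection, history_size, dictionary):
    """Build an update body enabling all three options, keeping other options."""
    if not 1 <= history_size <= MAX_HISTORY:  # lower bound of 1 is an assumption
        raise ValueError(f"history_size must be between 1 and {MAX_HISTORY}")
    options = copy.deepcopy(connection.get("options") or {})
    options["password_history"] = {"enable": True, "size": history_size}
    # Dictionary comparison is case-insensitive, so normalise and de-duplicate.
    entries = sorted({e.strip().lower() for e in dictionary if e.strip()})
    options["password_dictionary"] = {"enable": True, "dictionary": entries}
    options["password_no_personal_info"] = {"enable": True}
    return {"options": options}


# Constructed sample: a database connection with no password options set yet.
SAMPLE = {
    "id": "con_EXAMPLE",
    "strategy": "auth0",
    "name": "example-db",
    "options": {"passwordPolicy": "fair", "example_other_option": True},
}

if __name__ == "__main__":
    print(audit_password_options(SAMPLE))
    print(json.dumps(build_patch_body(SAMPLE, 5, ["Acme2024", "acme2024 "]), indent=2))
```
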
