Is there a way to set the password complexity policy for SonarQube?

  • Which versions are you using: SonarQube Enterprise Edition Version 9.7.1 (build 62043)

  • What are you trying to achieve: I have set up the SonarQube server with Docker-compose, and I would like to enforce a password complexity policy so that users will not be able to set weak passwords (e.g. enforcing a minimum password length policy, with the requirement of using Uppercase/Lowercase/Special characters). May I know if there is any way for me to configure this setting for SonarQube?

  • What have you tried so far to achieve this: I have looked through the SonarQube product documentation and sonar.properties file but there does not seem to be an option to set the password complexity settings.

Hey there.

It’s not possible to set a password policy for local accounts.

We recommend that, in almost all cases, Delegated Authentication be used instead of basic authentication. This means the delegation of authentication to another system that has its own password policy (LDAP, SAML, GitHub Authentication, etc.).
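
A follow-up check for the advice above, as an added example that is not part of the original replies or SonarQube's own code: after moving to delegated authentication, list the accounts that still authenticate with a local password, since those remain outside any password policy. It assumes the `api/users/search` web API returns `login`, `active` and `local` for each user when called with an administrator token; the sample response is constructed.

```python
import base64
import json
import urllib.request

# Constructed sample shaped like an api/users/search response (assumed fields:
# login, active, local, externalProvider). Not output from a real server.
SAMPLE_PAGE = json.loads("""
{"paging": {"pageIndex": 1, "pageSize": 50, "total": 4},
 "users": [
  {"login": "admin", "active": true, "local": true, "externalProvider": "sonarqube"},
  {"login": "jdoe", "active": true, "local": false, "externalProvider": "saml"},
  {"login": "ci-bot", "active": true, "local": true, "externalProvider": "sonarqube"},
  {"login": "old.user", "active": false, "local": true, "externalProvider": "sonarqube"}
 ]}
""")


def fetch_users(base_url, token, page_size=100):
    """Page through api/users/search; the token is sent as the Basic username."""
    auth = base64.b64encode(f"{token}:".encode()).decode()
    users, page = [], 1
    while True:
        req = urllib.request.Request(
            f"{base_url}/api/users/search?ps={page_size}&p={page}",
            headers={"Authorization": f"Basic {auth}"},
        )
        with urllib.request.urlopen(req, timeout=10) as resp:
            body = json.load(resp)
        users.extend(body["users"])
        if not body["users"] or page * page_size >= body["paging"]["total"]:
            return users
        page += 1


def local_password_accounts(users):
    """Active accounts whose password SonarQube checks itself (no policy applies)."""
    # A record without a "local" flag is treated as local so it gets reviewed.
    return sorted(u["login"] for u in users
                  if u.get("active", True) and u.get("local", True))


if __name__ == "__main__":
    print("still local:", local_password_accounts(SAMPLE_PAGE["users"]))
```

Against a live server, pass the result of `fetch_users("<base URL>", "<admin token>")` to `local_password_accounts` instead of the sample.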