Set password requirements
If you want your Atlassian Cloud site to be as secure as possible (and, let's face it, who doesn't?), you can define password requirements to make sure everyone doesn't use 'password1'.
There are a few criteria you can set when deciding on password requirements for your site. You can set:
- A required strength-level for passwords
- How often people must reset their passwords
- The number of times new unique passwords must be used before an old password can be re-used
On this page:
Change password settings
- Go to
> User management
- Select Password policy
- Use the options in the Password policy section to specify strength and reset criteria of passwords
After making changes, you can optionally force all your users to update their passwords to meet the new strength criteria by using the Reset all passwords button.
Password strength examples
Tips for setting strong passwords
Need to give your users some tips on how to set strong passwords? Try these:
- Avoid patterns. Consecutive letters (either alphabetical or on the keyboard) and numbers
- Avoid replacing letters with similar numbers or symbols (example 3 for e or $ for s)
- Avoid short passwords. Lots of unrelated english words are hard to guess, but a single word and a single number is very easy for an attacker to break.
- Do use a password manager to generate long/random passwords
- Do use lots of 'parts' to your password, which can make it hard to crack and easier to remember. Four unrelated english words is very strong (correcthorsebatterystaple), as is a combination of words and random numbers (tape934elephant%*)
Was this helpful?
Thanks for your feedback!