Configure password policy using ASP.NET Core Identity

By default, ASP.NET Core Identity requires very strong passwords for the users. There is a lot of constraints to satisfy, like at least one uppercase character, one lowercase character, one non-alphanumeric character and some others.

There is a common need to have password's policies less strong than that. With ASP.NET Core Identity, you can change this and configure the password's policy you want very easily, in the startup class.


public void ConfigureServices(IServiceCollection services)
{
	// [...]

	// Configure Identity
	services.Configure<IdentityOptions>(options =>
	{
		// Password settings
		options.Password.RequireDigit = true;
		options.Password.RequiredLength = 8;
		options.Password.RequireNonAlphanumeric = false;
		options.Password.RequireUppercase = true;
		options.Password.RequireLowercase = false;
	});

	// [...]
}
09/10/2016
  • ASP.NET Core
  • Identity