Passwords

Metabase can allow authentication via email and password.

Password complexity

Metabase offers a couple controls for administrators who prefer to increase the password requirements on their user accounts.

export MB_PASSWORD_COMPLEXITY=strong
export MB_PASSWORD_LENGTH=10

The settings above can be used independently, so it’s fine to use only one or the other. By default Metabase use complexity = normal and a password length of 6. The following options are available for complexity choice:

weak = no character constraints
normal = at least 1 digit
strong = minimum 8 characters w/ 2 lowercase, 2 uppercase, 1 digit, and 1 special character

By default, Metabase also prevents users from setting passwords that are in a list of common passwords (like qwerty123 and passw0rd). Changing the complexity requirement to weak disables this behavior.

Disabling password logins

Disabling password logins is only available on Pro and Enterprise plans (both self-hosted and on Metabase Cloud).

On Pro and Enterprise plans, you can require people to log in with SSO by disabling password authentication from Admin settings > Authentication.

Read docs for other versions of Metabase.

Self-service analytics

Embedded analytics

Documentation

Learn

Analytics

Embedding

Administration

Other resources

Passwords

Password complexity

Disabling password logins

Was this helpful?

Thanks for your feedback!