Passwords

Metabase can allow authentication via email and password.

Password complexity

The default password complexity for both Metabase instances and Metabase Store acccounts is minimum 15 characters.

On self-hosted Metabases, you can configure required password complexity through environment variables:

export MB_PASSWORD_COMPLEXITY=<complexity_level>
export MB_PASSWORD_LENGTH=10

You can set either MB_PASSWORD_COMPLEXITY or MB_PASSWORD_LENGTH independently.

The options for complexity level are:

  • weak: no constraints.
  • normal: at least 1 digit.
  • strong-enough: minimum 15 characters (default).
  • strong: minimum 8 characters w/ 2 lowercase, 2 uppercase, 1 digit, and 1 special character

By default, Metabase also prevents users from setting passwords that are in a list of common passwords (like qwerty123 and passw0rd). Changing the complexity requirement to weak disables this behavior.

Disable password logins

Disabling password logins is only available on Pro and Enterprise plans (both self-hosted and on Metabase Cloud).

On Pro and Enterprise plans, you can require people to log in with SSO by disabling password authentication from Admin > Settings > Authentication > Overview.

Change a password

You can change your password in Account settings.

Reset a password

See Resetting passwords.

Read docs for other versions of Metabase.

Was this helpful?

Thanks for your feedback!
Want to improve these docs? Propose a change.