Yuki has defined a set of rules which determines whether a password is considered a sufficiently strong password. One of these rules is that the password must be strong or very strong. This means that the password should not be easy to guess or easily cracked by so-called dictionaire attacks. To make this understandable, Yuki has divided passwords into four groups:
- Weak: the password is too short, lacks variation in the characters or consists of one character such as aaaaaaaaaaaaaaaa or 11111111111
- Moderate: the password is still very short and the variation of characters is missing.
- Strong: the password is at least eight characters long and has a minimum of three different character types.
- Very strong: the password has four character types and is at least 14 characters long.
A strong password contains at least:
- 8 characters
- one or more lowercase letters
- one or more capital letters
- at least one or more numbers
- at least one or more punctuation marks such as an exclamation mark. etc.
The character types are: lowercase, uppercase, numbers, accent marks and symbols.. A score is calculated based on the length of the password, the variation in characters and the number of different character types used..
When a user sets or changes the password, Yuki shows how strong the given password is and provides tips on how to improve password strength.:
Enforcing a minimum strong password is not applied by the Yuki software..
User name: a user name is a valid email address which identifies a user within all domains and administrations within the Yuki platform.
Password: a password is a word or phrase that is recommended to be at least eight characters long and consists of various characters such as letters, numbers and punctuation marks.
Hash algorithm: a hash algorithm ensures that encrypted data cannot be decrypted. For passwords, this means that the stored password cannot be read into the database. Only a check is performed to see if the entered password is correct.