Wiki Spaces


Get Help from Others

Q&A: Ask OpenMRS
Discussion: OpenMRS Talk
Real-Time: IRC Chat | Slack


Page tree
Skip to end of metadata
Go to start of metadata

OpenMRS allows user password strength configuration via 'Advanced Settings' or 'Settings (formerly Global Properties from 1.8 downwards)'. This helps in choosing appropriate password strength validation according to your implementation. Though OpenMRS provides the ability to turn off different password validators but it is never a good idea to use weaker passwords for data which has sensitive and confidential patient information.

Read security and authorization standards and protocols here.

Configuration Settings:


Goto Settings (formerly Global Properties from 1.8 downwards) in your OpenMRS server Administration > Advanced Settings and navigate to section having properties prefixed with security.*.
Switch following settings on or off according to your implementation requirements.
  • security.passwordCannotMatchUsername
  • security.passwordCustomRegex
  • security.passwordMinimumLength
  • security.passwordRequiresDigit
  • security.passwordRequiresNonDigit
  • security.passwordRequiresUpperAndLowerCase .


Save settings and your are done!
  • No labels