# Password restrictions

It is possible to enforce password restrictions on user accounts when using the native Overleaf login system for authentication.

{% hint style="info" %}
It is **not** possible to enforce password restrictions for SSO (LDAP/SAML 2.0) logins. These must be configured in your Identity Provider (IdP).
{% endhint %}

To do so, you'll need to set the relevant environment variable in the Toolkits **config/variables.env** file.

| Name                                      | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
| ----------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `OVERLEAF_PASSWORD_VALIDATION_MIN_LENGTH` | <p>The <strong>minimum</strong> length required<br><br><strong>Default:</strong> 8</p>                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| `OVERLEAF_PASSWORD_VALIDATION_MAX_LENGTH` | <p>The <strong>maximum</strong> length allowed<br><br><strong>Default:</strong> 72</p>                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| `OVERLEAF_PASSWORD_VALIDATION_PATTERN`    | <p>Used to validate password <strong>strength</strong>:</p><ul><li><code>abc123</code> – password requires 3 letters and 3 numbers and be at least 6 characters long</li><li><code>aA</code> – password requires lower and uppercase letters and be 2 characters long</li><li><code>ab$3</code> – it must contain letters, digits and symbols and be 4 characters long</li><li>There are 4 groups of characters: letters, UPPERcase letters, digits, symbols. Everything that is neither letter, nor digit is considered to be a symbol.</li></ul> |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.overleaf.com/on-premises/configuration/overleaf-toolkit/password-restrictions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.