In the context of a password policy, Complexity Requirements are rules used to prevent users from selecting trivial, easily guessed passwords. Examples include disallowing use of the user's login ID or name, minimum password length, dictionary checks, limits on repeating characters, requirements for mixed case or digits, etc.

Return to IT Security Concepts