Passwords: The Most Common Authentication Factor
Blog post from Userfront
Userfront's authentication system prioritizes password security through stringent password requirements and advanced protection measures. In the Auth Dashboard, users can customize their login flow by enabling or disabling single-factor authentication methods such as password login, passwordless options like email login links, and SSO providers. Userfront enforces password standards aligned with NIST guidelines: a password must be either at least 16 characters long, or at least 8 characters long with a letter and a number, and it must not exceed 512 characters. Passwords are hashed with the bcrypt hashing function using unique salts and are encrypted at rest, while multiple levels of attack resistance, including brute-force and rainbow-table attack resistance, bolster security. Furthermore, password attempts are rate-limited at different levels to prevent unauthorized access, and passwords are not stored in plain text or written to system logs.
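The length and composition rule above, written out as an added example (not Userfront's code). It assumes length is counted in Unicode code points and that any Unicode letter or decimal digit satisfies the rule; the 72-byte figure is bcrypt's own input limit, and the post does not say how longer inputs are handled.

```python
from dataclasses import dataclass, field

MIN_LONG = 16            # page: 16+ characters, no composition rule
MIN_SHORT = 8            # page: 8+ characters with a letter and a number
MAX_LEN = 512            # page: upper bound on length
BCRYPT_INPUT_BYTES = 72  # bcrypt uses at most 72 bytes of its input


@dataclass
class PolicyResult:
    accepted: bool = True
    reasons: list = field(default_factory=list)    # why it was rejected
    warnings: list = field(default_factory=list)   # accepted, but needs care


def check_password(pw: str) -> PolicyResult:
    """Apply the rule from the post. Assumptions (not from the page): length
    is counted in code points; any Unicode letter/decimal digit qualifies."""
    res = PolicyResult()
    n = len(pw)
    if n > MAX_LEN:
        res.reasons.append(f"longer than {MAX_LEN} characters")
    if n < MIN_SHORT:
        res.reasons.append(f"shorter than {MIN_SHORT} characters")
    elif n < MIN_LONG:
        # 8 to 15 characters: the letter-and-number requirement applies.
        if not any(c.isalpha() for c in pw):
            res.reasons.append("under 16 characters and contains no letter")
        if not any(c.isdecimal() for c in pw):
            res.reasons.append("under 16 characters and contains no number")
    res.accepted = not res.reasons
    # Policy length is in characters, bcrypt's limit is in bytes: an accepted
    # password can still be longer than the input bcrypt will hash.
    if res.accepted and len(pw.encode("utf-8")) > BCRYPT_INPUT_BYTES:
        res.warnings.append("over 72 UTF-8 bytes: beyond bcrypt's input limit")
    return res


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the page.
    for sample in ["abc12345", "abcdefgh", "a" * 16, "é" * 40, "x" * 513]:
        r = check_password(sample)
        print(f"{len(sample):>3} chars  accepted={r.accepted}  "
              f"{r.reasons or r.warnings or 'ok'}")
```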