1. VoiceThread Docs
  2. Privacy and Security
  3. Privacy FAQ
  4. Password strength

Password strength

If your institution uses external authentication, you do not need a local VoiceThread password. Your VoiceThread access is based on your membership in that external system.


Technical Details

Local VoiceThread passwords must be at least 6 alphanumeric characters.

VoiceThread encrypts passwords using the peer-reviewed, industry-standard bcrypt password hashing function with a suitable work factor that balances attacker and defender verification. VoiceThread imposes no practical limit on overall password length or usable character set. VoiceThread generates salts using a cryptographically-secure source.

More technical details are here.


Best Practices

Passwords must be at least 6 alphanumeric characters. We also recommend that you include a combination of several optional elements to create a strong password:

  1. A mix of letters and numbers
  2. A mix of upper- and lower-case letters
  3. Symbols
  4. A multi-word phrase

Was this article helpful?