Changing the minimum password requirements in Faspex


Faspex requires a minimum level of security for passwords to user accounts. The default setting requires passwords to be at least six characters long and contain at least one letter, one number and one symbol.

If you need stronger requirements, you can change the default by editing the faspex.yml configuration file. Changing the requirements will not affect existing passwords, but any new passwords will need to meet your new requirements.

Note that you will need to be familiar with regular expressions in order to create different password requirements.


  • Product: Faspex
  • Operating System: Linux, Windows


1. Locate the faspex.yml file:

  • Linux: /opt/aspera/faspex/config/faspex.yml
  • Windows: C:\Program Files (x86)\Aspera\Faspex\config\faspex.yml

Create a backup of the file before editing. You can do this with the following command:

cp /opt/aspera/faspex/config/faspex.yml /opt/aspera/faspex/config/faspex.yml.bak

copy C:\Program Files (x86)\Aspera\Faspex\config\faspex.yml C:\Program Files (x86)\Aspera\Faspex\config\faspex.yml.bak

2. Open faspex.yml in a text editor. Within the production section, add the following line:

StrongPasswordRegex: regular_expression

Replace regular_expression with the regular expression that establishes your requirements.

For example, the default password requirements would look like this: 

StrongPasswordRegex: (?=.*\d)(?=.*([a-z]|[A-Z]))(?=.*(\W|_)).{6,}

If you wanted to require passwords with at least 8 characters, one letter, and either one number or one symbol, you would use the following:

StrongPasswordRegex: (?=.*[a-z])(?=.*(\d|\W|_)).{8,}

3. Under the StrongPasswordRegex line, add the following line:

StrongPasswordRequirements: "description"

Replace description with a description of your new password requirements, so your users will be aware of them.

For example, to describe the second example from step 2, we would add the following:

StrongPasswordRequirements: "must be at least 8 characters and contain at least one letter, and either one number or
one symbol"

4. Save the file and restart Faspex.

You can restart Faspex with the following command:

asctl faspex:restart
Powered by Zendesk