If your institution uses external authentication, you do not need a local VoiceThread password. Your VoiceThread access is based on your membership in that external system.
Local VoiceThread passwords must be at least 7 alphanumeric characters.
VoiceThread encrypts passwords using the peer-reviewed, industry-standard bcrypt password hashing function with a suitable work factor that balances attacker and defender verification. VoiceThread imposes no practical limit on overall password length or usable character set. VoiceThread generates salts using a cryptographically-secure source.
More technical details are here.
Additionally, VoiceThread will not allow users to set any of the top 1000 most commonly passwords from NIST.
Passwords must be at least 6 alphanumeric characters. We also recommend that you include a combination of several optional elements to create a strong password:
- A mix of letters and numbers
- A mix of upper- and lower-case letters
- A multi-word phrase