Help Center/
Relational Database Service_RDS for PostgreSQL/
Troubleshooting/
"password is easily cracked" Displayed When an RDS for PostgreSQL User Is Created
Updated on 2025-06-24 GMT+08:00
"password is easily cracked" Displayed When an RDS for PostgreSQL User Is Created
Scenario
The error message "password is easily cracked" is displayed when a database user is created for an RDS for PostgreSQL instance.
Figure 1 Error message
Possible Causes
This is because a weak password is intercepted. In RDS for PostgreSQL 11.22, 12.22, 13.18, 14.15, 15.10, 16.6, and later versions, weak password detection is enabled by default. If a weak password is used to create a user, an error will be reported.
Solutions
- Use a complex password to prevent brute-force attacks.
- Disable the detection of weak passwords. To disable it, set passwordcheck.rds_enable_cracklib to off so that the system only verifies a password according to the basic requirements. For details, see Modifying Parameters of an RDS for PostgreSQL Instance. Then the password is checked only according to the basic rules.
The basic password requirements are as follows:
- The password must contain at least eight characters.
- The password must consist of letters and other characters.
- The password cannot contain the username.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
