SFI:ROPC metadata (#33726)

* SFI:ROPC metadata I think we should standardize on ROPC hits that have been fixed. * Update aspnetcore/security/authorization/secure-data.md Co-authored-by: Tom Dykstra <tdykstra@microsoft.com> * Update aspnetcore/security/authorization/secure-data.md * Update aspnetcore/security/authorization/secure-data.md --------- Co-authored-by: Tom Dykstra <tdykstra@microsoft.com>
2024-09-26 14:57:07 -10:00 · 2024-09-26 14:57:07 -10:00 · 09f5afbc39
parent bc52fc0b5d
commit 09f5afbc39
1 changed files with 7 additions and 1 deletions
--- a/aspnetcore/security/authorization/secure-data.md
+++ b/aspnetcore/security/authorization/secure-data.md
@ -5,6 +5,7 @@ description: Learn how to create an ASP.NET Core web app with user data protecte
 ms.author: riande
 ms.date: 12/5/2021
 ms.custom: mvc
+ms.sfi.ropc: t
 uid: security/authorization/secure-data
 ---

@ -293,7 +294,12 @@ In the preceding code:

 If you haven't already set a password for seeded user accounts, use the [Secret Manager tool](xref:security/app-secrets#secret-manager) to set a password:

-* Choose a strong password: Use eight or more characters and at least one upper-case character, number, and symbol.
+* Choose a [strong password](https://support.microsoft.com/en-us/windows/create-and-use-strong-passwords-c5cebb49-8c53-4f5e-2bc4-fe357ca048eb):
+  * At least 12 characters long but 14 or more is better.
+  * A combination of uppercase letters, lowercase letters, numbers, and symbols.
+  * Not a word that can be found in a dictionary or the name of a person, character, product, or organization.
+  * Significantly different from your previous passwords.
+  * Easy for you to remember but difficult for others to guess. Consider using a memorable phrase like "6MonkeysRLooking^".
 * Execute the following command from the project's folder, where `<PW>` is the password:

  ```dotnetcli