complex email password

How can I turn off the non-complex email password blocking? I have to set a password for an existing account and must use a non-complex password to match the existing password.

Hi mikei

Personally I would advise strongly over doing this but you can change the password level from system settings, settings password

Many thanks


Sorry this still isn’t working. Super dumb - I know but I need to use a common password for an account and it’s blocking it.

Hi Mikie

I’m sorry, you are not giving too much information to help sorry. An example would be better, without giving the correct password, but perhaps a pointer comes from your “common password”, which has different meanings to different people (please note the IW help stating common password still blocked, which I’m thinking is passwords which are commonly known on the internet, i.e password, manager etc… as apposed to a common password agreed by users).

I would very strongly advice you NOT to make the password weak, or if you do, I hope you fully understand the implications of doing so.

Please see pic, from nodeworx, server, settings, password, showing the options to set password strenth to and the number of digits to set too.

I hope that helps

Many thanks


Even if you set the complexity to None, IW still blocks ‘common’ passwords - eg password (as a password)

Hi Mikie

Sorry, please note IW “common passwords will still be blocked”.

To be honest, my best advice would be to change the password at the device or sender email system. If you do not have access to this device, I would find someone who does and have them change the password for email, or if access is because no one knows the login credentials of the device (etc…) then reset it and reset up the device.

If you ask the question, would anyone here on this forum allow these types of passwords, then I suspect the answer would be NO, and some may give details as to why, others not.

However, if you do manage to set the password to your desired commonly known password, please make sure you fully understand the implications, and how those would impact your other users, please check your agreements with your providers, ie. IP address provider, VPS provider etc… as part of that agreement I’m sure would be that you would not allow weak password(s) or compromises due to weak security, and then there’s reputation, i.e. name, IP, Domain etc… and that’s if the provider had not already stopped service in full to you, a little agreesive I’m sure, but it has happened, and we do stop service to users who are compromised.

I hope that helps, and sorry, I am not going to be the one to tell you how to set these types of passwords, sorry.

Many thanks


If the password is weak for a temporary time long enough to adjust something, that’s one thing. But if the end user wants to continue using a weak password you need to break the habit. If Nodeworx won’t allow “password” or “qwerty” of something ridiculous like that – even on the ‘none’ setting, I’m happy to hear it. But if a short, dictionary word-number combo is still being refused, could it be browser or server-side caching that’s in your way? Maybe setting Nodeworx to its weakest setting and restart the iworx service will help.

Also refer your user to a movie called ‘Disconnect’ if they have other lazy habits online.

I’m chiming-in on this because I’ve been considering suggesting an Interworx feature for server admins that forces users to change any password on preset intervals… if it hasn’t been suggested already.

Anyone own a lexus? I don’t anymore because of this I’m just asking for the option to set a ridiculous common password. I’m not condoning it, it’s just what I have to do in this particular situation - and there’s no way around it. So, how do I do it?

The Lexus analogy is a good one and I get your meaning. My analogy would’ve been Android. Sorry if I came off like a lecturer. Sometimes even a strong password isn’t enough, eg, when people rely on their browsers for remembering them.

Nodeworx apparently won’t let you choose a common password no matter the strength setting. I wonder if there’s a list (db?) that holds well known strings considered too weak even at the ‘none’ setting. In Nodeworx under Server/Settings/Password Options, have you experimented with character limits?

I can see the pickle you’re in but it’s not clear (and not my business) why the password can’t be reset on the client side. This may be your only option if the password is something like “password.” It’s like the time I was using IP restrictions with a service and then moving my soho router to a new part of town after forgetting to remove the restriction. When I locked myself out the only way around it was cooperation between me and the service.

For those following the thread, I got it to work. It’s temporary but the password is now set and I don’t have to worry about changing it. The good news is that the IW folks have a failsafe for something like this so the file I did modify will be overwritten on next update - so the world is safe again.

Hi sysnop

The restriction is from IW for common passwords, and not browser based.

I understood the analogy to be different, sorry, and was going to say IW is not restrictive to sys admins, which I see mikei has found out. The restrictions are imposed upon users who do not have full access to server.

Good luck mikei

Many thanks


Oh that I understand! When I referred to browser cache, strange things sometimes happen that appear to be server related, form fields being one of them. For instance, I notice in Nodeworx or Siteworx that my browser tries to input a field before I do. Simple things like that can sometimes trip us up.

When I referred to browsers remembering passwords, that’s how people sometimes forget their passwords after MUI info ends up deleted.

Hi Sysnop

Sorry, yes your correct. I am slow sometimes sorry.

Many thanks