# TEST: SECURITY-UM-08 ## References * [User Management](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/broken-reference) * [TEST: SECURITY-UM-01](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/test-security-um-01) ## Discussion Password strength is determined by use of: * Both uppercase and lowercase alphabetical characters. * Symbols. * Numbers. * More than 10 characters. As more of each of the items listed above are used, the password is stronger. **Strong** and **Very Strong** passwords are valid. ## Pre-Conditions / Setup 1. User must be logged into an account with policies granted for creating users. 2. Navigate to **Administration Panel / Security / Users / Create User** by clicking the **Create** button on the **Administration Panel / Security / Users / Index** page. ## Actions/Steps 1\. Enter either "Clinic\@l12" for a **Strong** password or "Clinic\@l123" for a **Very Strong** password into both **New Password** and **Confirm Password** textboxes. ## Expected Behaviour * A status bar should be displayed green and labelled to the right of the status bar as either **Strong** (using "Clinic\@l12"; shown below) or **Very Strong** (using "Clinic\@l123"). * A new user can successfully be created after entering remaining required fields (see [TEST: SECURITY-UM-01](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/test-security-um-01)). ![](https://3421852694-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZ0_pjgTp_kx4hqTZ3a%2F-Mdv3cmgea9JLYkQ8EWA%2F-Mdv6kvlE3hfMx-v65__%2Fimage.png?alt=media\&token=7fc9c9ed-9b37-4fcd-82ee-94d31893e014)