Clutch has recently implemented new password requirements. For Clutch to accept your password, the following conditions need to be applied:
Passwords must now contain at least eight (8) characters, with a minimum of three (3) of the following: upper case letter, lower case letter, number, or special character. Your password cannot match the last password used, should not be used on any other websites, or be easy to guess.
Additionally, every time you login or create a new password, we will check your password against publicly accessible databases that report on breached passwords. If we find your password on a database, you will see the following:
It is important to note that your Clutch account has not been compromised. This indicates that your password was used on a non-Clutch website that has been compromised. If found while you are logging in, we will lock access to your account and immediately send you an email to reset your password. Once a new, safe password is entered, you will regain access to your account.
Passwords will remain active for one (1) year. One week prior to password expiration, you will receive an email reminder. You can change your password in advance by using the Account Setting menu within the Clutch Portal or Virtual Terminal. If the year has passed, you will be asked to change your password on your next login.
We believe these simple extra security measures will help protect your Clutch accounts from any potential security threats.
If you would like more information on breached passwords, we recommend you visit https://haveibeenpwned.com/.
