Knowledge Drop

Default Authentication Into Looker

Userlevel 5

Last tested: May 16, 2019

By default, every Looker user is uniquely identified by their email address. In addition to an email address, each user has a password. The default credentials are thus an email/password combination.

Password Requirements:

By default, passwords in Looker must be a minimum of ten characters long and contain at least one uppercase and one lowercase letter (A, z), one numeric character (0-9), and one special character (such as !, %, @, or #). Looker provides admins with additional control over password requirements for users on their instance, which can be read about here. More on password restrictions here. More information on resetting a password here.

Adding / Editing a User:

You can set up a new user by clicking Admin > Users to open the Users page. Click Add Users to create new users and assign their roles. Once a user is made, their unique ID within looker will be their Looker User ID, so their email address, first name, and last name can be changed when using default authentication settings by going to Admin > Users > edit user.

Default Session Length:

Like most web applications, Looker will remember that you’ve logged in even if you’ve left the page. If you click the “keep me logged in” box when logging in, then this session lasts 30 days. Otherwise, the session lasts 30 minutes, and Looker will show you a warning every 30 minutes asking you if you want to stay logged in for another 30 minutes. More specifics on the persistent session feature can be found here and here.


Very little can be changed about this authentication process. For example, each user must have an email address, and this field cannot be substituted for something like a user ID. The password restrictions cannot be reduced, and the 'too many bad login attempts' lockout cannot be overridden.

To change these things, we recommend using another authentication system like SAML, as these often have options to configure password restrictions or lockout rules.

The session lengths of 30 minutes or 30 days cannot be changed, even if using an external authentication system.


For security reasons, Support does not reset passwords or administer user accounts in any way.



This content is subject to limited support.                




0 replies

Be the first to reply!