Password Policy
The Admin Security feature supports the creation of password policies that enables the authentication process by imposing requirements for:
- password length
- password strength
- password history and re-use
- password expiry and grace period
The Admin Security feature set needs the following password length/strength requirements:
- user class passwords must contain at least 9 characters (Admin Security only)
- admin class passwords must contain at least 15 characters
- passwords must contain at least 2 lower case alphabetic characters
- passwords must contain at least 2 upper case alphabetic characters
- passwords must contain at least 2 numeric characters
- passwords must contain at least 2 special characters (such as !, ", #, $, %, &, ' , (, ), *, +, , , -, ., /, :, ;, <, =, >, ?, @, [, \, ], ^, _, `, {, |, }, ~)
- passwords must differ from the prior password by at least 4 characters
- characters in password must differ from the prior password in at least 8 positions
- passwords cannot contain, repeat, or reverse the entire username
- passwords cannot contain three consecutive identical characters
When you enable the password-policy, and
password-policy-strength as part of the Admin Security ACP
feature, you impose the following requirements in addition to those enforced with the
Admin Security feature:
- Passwords cannot contain two or more characters from the user ID
- Passwords cannot contain a sequence of three or more characters from any password contained in the password history cache
- Passwords cannot contain a sequence of two or more characters more than once
- Passwords cannot contain either sequential numbers or characters, or repeated characters more than once.
For more information, see Configuring the Admin Security with ACP Password Rules.