Configuring Password Compliance

To configure password compliance

1. Navigate to Device | Settings > Administration.

2. Click the Login / Multiple Administrators tab.

   Configure the following settings in the Login Security section.

3.  To require users to change their passwords after a designated number of days has elapsed:
   1. Select Password must be changed every (days). The field becomes active. This option is not selected by default.
   2. Enter the elapsed time in the field. The default number of days is 90, the minimum is 1 day, and the maximum is 9999.

When a user attempts to login with an expired password, a popup window prompts the user to enter a new password. The User Login Status window now includes a Change Password button so users can change their passwords at any time.

4. To specify the minimum length of time, in hours, allowed between password changes:
   1. Select Change password after (hours) . The field becomes active.
   2. Enter the number of hours. The minimum – and default – time is 1 hour; the maximum is 9999 hours.
5. To require users to use unique passwords for the specified number of password changes:
   1. Select Bar repeated passwords for this many changes. The field becomes active.
   2. Enter the number of changes. The default number is 4, the minimum number is 1, and the maximum number is 32.
6. To require users to change at least 8 alphanumeric/symbolic characters of their old password when creating a new one, select New password must contain 8 characters different from the old password. For how to specify what characters are allowed, see Step 7.
7. Specify the shortest allowed password, enter the minimum number of characters in the Enforce a minimum password length of field. The default number is 8, the minimum is 1, and the maximum is 99.
8. Choose how complex a user’s password must be to be accepted from the Enforce password complexity drop-down menu:
   • Alphanumeric and symbolic characters(default) — Requires alphabetic, numeric, and symbolic characters – for symbolic characters, only !, @, #, $, %, ^, &, *, (, and ) are allowed; all others are denied
   • Alphanumeric characters— Requires both alphabetic and numeric characters
   • None

9. When a password complexity option other than None is selected, the options under Complexity Requirement become active. Enter the minimum number of alphanumeric and symbolic characters required in a user’s password.

   1. The default number for each when you select the Alphanumeric and symbolic characters option is,

      • Upper Case Characters - 1
      • Lower Case Characters - 1
      • Number Characters - 1
      • Symbolic Characters - 1

      

      The Symbolic Characters field becomes active only if Alphanumeric and symbolic characters is selected.

   2. The default number of each is 0 when you select Alphanumeric characters

   The total number of characters for all options cannot exceed 99.

10. Enter the number of incorrect login attempts from the command line interface (CLI) that triggers a lockout in the Max login attempts through CLI field. The default is 5, the minimum is 3, and the maximum is 15.

11. Select to which classes of users the password constraints are applied under Apply the above password constraints for. By default, all options are selected:

    • Admin – Refers to the default administrator with the username admin.
    • Other full admin
    • Limited admin
    • Guest admin
    • Other local users