Set Password Policy from the CLI
To configure the parameters for the password policy, enter the following command:
$ policy password set [quality=value] [minlen=value] [minuppers=value] [mindigits=value] [minsymbols=value] [expiry=value] [lifetime=value] [remember=value]
Example:
$ policy password set quality=strong minlen=10 minuppers=1 minsymbols=1 expiry=yes lifetime=30
New policy successfully set.
Note
Setting quality to basic makes the minimum password length the only requirement for creating a new password. Setting it to strong adds stricter requirements for password creation (e.g., checks for minimum length, minimum number of required upper case characters, digits, and symbols, etc.). Setting the Password quality to strong also prevents the use of dictionary words in passwords, and enforces a minimum number of 4 characters that must be different from the previous password.
The possible values for the configurable password parameters are:
Parameter | Values | Description |
|---|---|---|
| basic, strong | Password strength |
| 6 to 40 | Minimum password length |
| 0 to 40 | Minimum number of uppercase letters* |
| 0 to 40 | Minimum number of digits* |
| 0 to 40 | Minimum number of symbols* |
| yes, no | Password persistence |
| 1 to 180 days | Password expiration period |
minlifetime | 0 | Minimum number of days before a password can be changed |
remember
| 5 –400 | Number of previous passwords to prevent users from re-using |
*only applies when quality = strong
See also "Policy Settings" in the associated User's Guide.