Password Quality Req

As an administrator, you can enforce password complexity by setting password complexity rules. The following rules and configuration instructions apply to all system accounts.
Note: The credit value of each field indicates the requirement of the corresponding item in the password. For example,

  • Uppercase credit 0 : Uppercase characters may or may not be included in the password.

  • Uppercase credit -2: The password must contain a minimum of 2 uppercase characters.

  • Uppercase credit 2: If uppercase characters are included in the password, 2 of these characters will have a length credit assigned, which means, each of these 2 uppercase characters will be counted as 2 characters towards the minimum password length. Additional uppercase characters included in the password will not get this credit and will be counted only as 1 towards the minimum password length. Positive credit for a character does not imply that that character must be included in the password.

The following rules and configuration instructions apply to all system accounts by default:

  • Minimum length:  The password must contain at least 8 characters.

  • Uppercase credit: Specifies the maximum length credit for having uppercase characters in the password. If less than 0, it is the minimum number of uppercase characters required.

  • Lowercase credit: Specifies the maximum length credit for having lowercase characters in the password. If less than 0, it is the minimum number of lowercase characters required.

  • Digit credit: Specifies the maximum length credit for having digits in the password. If less than 0, it is the minimum number of digits required.

  • Non-alphanumeric credit: Specifies the maximum length credit for having non-alphanumeric characters in the password. If less than 0, it is the minimum number of non-alphanumeric characters required.

  • Minimum character classes: Specifies the minimum number of character classes required. The four classes are digits, uppercase, lowercase and non-alphanumeric characters.
    Note: To require 1 character from each class set this value to 4.

  • Maximum class repeat: Specifies the maximum number of allowed consecutive characters of the same class. The option is disabled if the value is 0.

  • Maximum repeat: Specifies the maximum number of same consecutive characters allowed. The option is disabled if the value is 0.

  • Character difference: Specifies the number of characters in the new password that must not be present in the old password during a password change.

  • User real name check: Checks whether any words, more than 3 characters long, from the account owner's real name (the "User name" field of the account) are contained in the password, in which case the password is not acceptable.

  • Reset non-compliant password: Forces password change at logon if the password does not comply with the password quality requirements.

  • Forbidden words: Specifies space separated list of forbidden words (containing more than 3 characters). These are in addition to the words included in the normal cracklib dictionary check.

Parent topic: System Users