HP StorageWorks 8/40 HP StorageWorks Fabric OS 5.2.x administrator guide (5697 - Page 65
How to set the password history policy, MinLength, MinPasswordAge, Warning
View all HP StorageWorks 8/40 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 65 highlights
not allowed because it is incompatible Web Tools. The default value is zero. The maximum value must be less than or equal to the MinLength value. • MinLength Specifies the minimum length of the password. The minimum can be from 8 to 40 characters. New passwords must between the minimum length specified and 40 characters. The default value is 8. The total of the other password strength policy parameters (lowercase, uppercase, digits and punctuation) must be less than or equal to the value of the MinLength parameter. The following example shows a password strength policy that requires passwords to contain at least 3 uppercase characters, 4 lowercase characters and 2 numeric digits; the minimum length of the password is 9 characters. passwdcfg --set -uppercase 3 -lowercase 4 -digits 2 -minlength 9 How to set the password history policy The password history policy prevents users from recycling recently used passwords, and is enforced across all user accounts when users are setting their own passwords. The password history policy is enforced only when a new password is defined. Specify the number of past password values that are disallowed when setting a new password. Allowable password history values range between 1 and 24. The default value is 1, which means both the current and previous passwords cannot be reused. The value 2 indicates that the current and two previous passwords cannot be used (and so on, up to 24 passwords). This policy does not verify that a new password meets a minimal standard of difference from prior passwords, rather, it only determines whether or not a newly-specified password is identical to one of the specified number (1-24) of previously used passwords. The password history policy is not enforced when an administrator sets a password for another user; instead, the user's password history is preserved and the password set by the administrator is recorded in the user's password history. How to set the password expiration policy The password expiration policy forces expiration of a password after a configurable period of time, and is enforced across all user accounts. A warning that password expiration is approaching is displayed when the user logs in. When a user's password expires, he or she must change the password to complete the authentication process and open a user session. You can specify the number of days prior to password expiration during which warnings will commence. Password expiration does not disable or lock out the account. Use the following attributes to set the password expiration policy: • MinPasswordAge Specifies the minimum number of days that must elapse before user can change a password. MinPasswordAge values range from 0 to 999. The default value is zero. Setting this parameter to a non-zero value discourages users from rapidly changing a password in order to circumvent the password history setting to select a recently-used password. The MinPasswordAge policy is not enforced when an administrator changes the password for another user. • MaxPasswordAge Specifies the maximum number of days that can elapse before a password must be changed, and is also known as the password expiration period. MaxPasswordAge values in range from 0 to 999. The default value is zero. Setting this parameter to zero disables password expiration. • Warning Specifies the number of days prior to password expiration that a warning about password expiration is displayed. Warning values range from 0 to 999. The default value is 0 days. NOTE: When MaxPasswordAge is set to a non-zero value, MinPasswordAge and Warning must be set to a value that is less than or equal to MaxPasswordAge. Fabric OS 5.2.x administrator guide 65