Changing password requirements

You can change the minimum password limit, password length, password expiration, and enable or disable authentication for IBM Spectrum Protect™.

About this task

By enforcing password authentication and managing password restrictions, you protect your data and your servers from potential security risks.

Complete the following tasks to change password requirements for IBM Spectrum Protect servers.

Table 1. Authentication tasks for IBM Spectrum Protect servers
Task	Procedure
Set a limit for invalid password attempts.	On the Servers page in the Operations Center, select the server. Click Details, and then click the Properties tab. Set the number of invalid attempts in the Invalid sign-on attempt limit field. The default value at installation is 0.
Set a minimum length for passwords.	On the Servers page in the Operations Center, select the server. Click Details and then click the Properties tab. Set the number of characters in the Minimum password length field.
Set the expiration period for passwords.	On the Servers page in the Operations Center, select the server. Click Details and then click the Properties tab. Set the number of days in the Password common expiration field.
Disable password authentication.	By default, the server automatically uses password authentication. With password authentication, all users must enter a password to access the server. You can disable password authentication only for passwords that authenticate with the server (LOCAL). By disabling password authentication, you increase the security risk for the server.
Set a default authentication method.	Issue the SET DEFAULTAUTHENTICATION command. For example, to use the server as the default authentication method, issue the following command: `set defaultauthentication local` To update one client node to authenticate with the server, include `AUTHENTICATION=LOCAL` in the UPDATE NODE command: `update node authentication=local`