Modifying the password policy file

You can change the password policy file.

1. To open the passwordPolicy.xml file, from the web console, go to your user name and then click Menu Button () > System Settings > Properties > passwordPolicy.xml.
   The following example shows the default passwordPolicy.xml file.

   <!-- all nested elements are optional, so an empty password policy is valid -->
   <passwordPolicy>
   	<!-- available for Release 2 -->
   	<matchingPatterns>
   		<minLength>0</minLength>		<!-- Omission means that there is no limit -->
   		<maxLength>64</maxLength>		<!-- Omission means that there is no limit -->
   	 <!-- <required>3</required> -->		<!-- this number must be less than or equal 
      to the # patterns listed below -->
   	 <!-- <patterns> -->
   		<!-- <pattern>[a-z]</pattern> -->	<!-- patterns are Java regex patterns that 
       must match -->
   		<!-- <pattern>[A-Z]</pattern> -->
   		<!-- <pattern>[0-9]</pattern> -->
   		<!-- <pattern>\W</pattern> -->		<!-- a regex which means special characters -->
   	<!-- </patterns> -->
   	</matchingPatterns>
   	<nonMatchingPatterns>				<!-- password patterns to exclude -->
   	<!-- <patterns> -->
   		<!-- <pattern></pattern> -->		<!-- passwords which match these 
       patterns are not allowed -->
   	<!-- </patterns> -->
   	</nonMatchingPatterns>
   </passwordPolicy>

2. To set a minimum password length, type a value between the <minLength> and </minLength> tags. For example, to set the minimum password length at six characters, type:

   <minLength>6</minLength>

3. To set a maximum password length, type a value between the <maxLength> and </maxLength> tags. For example, to set the maximum password length at 72 characters, type:

   <maxLength>72</maxLength>

4. To specify the number of patterns that a password must match:
   • Delete the comment marks (<!-- and -->) preceding and following the <!-- <required>3</required> --> tags under the <matchingPatterns> tag.
   • Type the minimum number of patterns that a password must match between the <required> </required> tags. For example, if you want a password to match at least two password patterns, type:

     <maxLength>72</maxLength>

5. To require certain characters in the password:
   • Delete the comment marks (<!-- and -->) preceding and following the <patterns> and </patterns> --> tags.
   • Delete the comment marks (<!-- and -->) preceding and following the <pattern></pattern> tags you want to require. You can use regex to define more specific password patterns.
6. To exclude certain characters or combinations in the password:
   • Delete the comment marks (<!-- and -->) preceding and following the <patterns> and </patterns> --> tags following the <nonMatchingPatterns> tag.
   • Delete the comment marks (<!-- and -->) preceding and following the <pattern></pattern> tags.
   • Type the pattern to exclude between the <pattern> and </pattern> tags. For example, if you want to exclude passwords with three consecutive identical characters, type:

     <pattern>(.)\1\1</pattern>

7. Save the passwordPolicy.xml file.
8. Restart all your IBM® Sterling Control Center Monitor event processors.
   Note: The changed password policy takes effect when an existing user tries to change his password or a new user is created that requires a password.