Password strength rules
You can set password strength rules that a password policy uses to determine whether a password is valid.
Attribute | Description |
---|---|
Maximum length | Enter the maximum number of characters that a password can contain. For example: if value of this rule set to 6, then password should have at least 6 characters. |
Minimum length | Enter the minimum number of characters that a password can contain. For example: if value of this rule set to 12, then user is allowed to set password up to 12 characters. |
Maximum repeated characters | Enter the maximum number of duplicate characters that a password can
contain. For example, if value of this rule is 2, then user can not add PPP as part of the password. |
Minimum unique characters | Enter the minimum number of unique characters that a password must
contain. For example: if value of this rule is 3, then password should have at least 3 unique characters such as abcdcba. |
Minimum alphabetic characters | Enter the minimum number of alphabetic characters that a password must
contain. For example: if value of this rule is 3, then password should have at least 3 alphabets, such as a1b2c3d. |
Minimum numeric characters | Enter the minimum number of numeric characters that a password must
contain. For example: if value of this rule is 3, then password should have at least 3 numbers, such as a1b2c3d. |
Characters not allowed | Enter characters that are not allowed in the password. Do not separate any
characters with a space or another delimiter, unless a space or the delimiter is a disallowed
character. For example: if you want to specify _-|{}& and * as disallowed characters, then a correct value for this field is:
An incorrect value for this field is:
or:
|
Required characters | Enter character that must be in the password. Do not use a comma or a space or
another delimiter. For example: If the password value must contain a, or b, or c character, then here are some examples of the valid values for this field:
An incorrect value for this field is:
or:
|
Restricted to characters | Enter the set of characters to which the password is restricted. That is, the
password must contain only these characters. Do not separate any characters with a space or another
delimiter, unless a space or the delimiter is a character that must be specified. For example: If you want to specify all lowercase letters then a correct value for this field is:
An incorrect value for this field is:
or:
|
Starts with characters | Enter one or more characters that the password must start with. Do not
separate any characters with a space or another delimiter, unless a space or the delimiter is a
character that must be specified. For example, if you want to specify that a password should start with 1, or 2, or 3, then here are some examples of correct values for this field:
An incorrect value for this field is:
or:
|
Repeated history length | Enter the number of passwords that are retained. This value specifies how many
unique passwords must be used before a previous password can be re-used. Passwords that match any
password in the history list cannot be reused. The history is updated every time the password is
changed. For example, if this value is 7, then the password must be changed 7 times to different passwords before the old password can be reused. |
Reversed history length | Enter the numeric value that specifies how many passwords, spelled backwards
are kept in history. Passwords that match any password in the history list cannot be reused. The
history is updated every time the password is changed. For example, if the value for this rule is 7, then the password must be changed 7 times to different passwords before the old password (spelled backwards) can be reused. |
Disallow user name | Select the check box to disallow the use of the user name as a password. The
comparison is case sensitive. For example, if username is John, then user is not allowed to set a password containing the word John. |
Disallow user name (case-insensitive) | Select the check box to disallow the use of the user name as a password. The
comparison is case insensitive. For example, if username is John, then user is not allowed to set a password containing the word John, john, johN, or any variation of John as part of the password. |
Disallow user ID | Select the check box to disallow the use of the user ID as a password. The
comparison is case sensitive. For example, if user ID is JSmith, then user is not allowed to set password containing word JSmith. Since the comparison is case-sensitive, the user can have Jsmith, jsmith, or other variations as part of the password. |
Disallow user ID (case-insensitive) | Select the check box to disallow the use of the user ID as a password. The
comparison is case insensitive. For example, if user ID is JSmith, then user is not allowed to set password containing the word JSmith, Jsmith, jsmith, or other variations as part of the password. |
Do not allow in dictionary | Select the check box to reject the password if its value matches a term in a
dictionary that you configure, containing a list of unwanted terms. Note: This option is only
available when a dictionary is configured.
|
Passwords must contain characters from three of the four categories | Select the check box to enable a "three of four categories" rule. This rule is
compatible with the same rule in Microsoft Active Directory. The categories are as follows:
There is no category available for Unicode characters. They are not currently supported. |