Password Strength Rules
You can set password strength rules that a password policy uses to determine whether a password is valid.
Attribute | Description |
---|---|
Maximum length | Enter the maximum number of characters that
a password can contain. For example: if value of this rule set to 6, then password should have at least 6 characters. |
Minimum length | Enter the minimum number of characters that
a password can contain. For example: if value of this rule set to 12, then user is allowed to set password up to 12 characters. |
Maximum repeated characters | Enter the maximum number of duplicate characters
that a password can contain. For example, if value of this rule is 2, then user can not add PPP as part of the password. |
Minimum unique characters | Enter the minimum number of unique characters
that a password must contain. For example: if value of this rule is 3, then password should have at least 3 unique characters such as abcdcba. |
Minimum alphabetic characters | Enter the minimum number of alphabetic characters
that a password must contain. For example: if value of this rule is 3, then password should have at least 3 alphabets, such as a1b2c3d. |
Minimum numeric characters | Enter the minimum number of numeric characters
that a password must contain. For example: if value of this rule is 3, then password should have at least 3 numbers, such as a1b2c3d. |
Characters not allowed | Enter characters that are not allowed in the
password. Do not separate any characters with a space or another delimiter,
unless a space or the delimiter is a disallowed character. For example: if you want to specify _-|{}& and * as disallowed characters, then a correct value for this field is:
An incorrect value for this field is:
or:
|
Required characters | Enter character that must be in the password.
Do not use a comma or a space or another delimiter. For example: if password value must contain a, b and c characters then a correct value for this field is:
An incorrect value for this field is:
or:
|
Restricted to characters | Enter the set of characters to which the password
is restricted. That is, the password must contain only these characters.
Do not separate any characters with a space or another delimiter,
unless a space or the delimiter is a character that must be specified. For example: If you want to specify all lowercase letters then a correct value for this field is:
An incorrect value for this field is:
or:
|
Starts with characters | Enter the sequence of characters that the password
must start with. Do not separate any characters with a space or another
delimiter, unless a space or the delimiter is a character that must
be specified. For example, if you want to specify that a password should start with 1234 then a correct value for this field is:
An incorrect value for this field is:
or:
|
Repeated history length | Enter the number of passwords that are retained.
This value specifies how many unique passwords must be used before
a previous password can be re-used. Passwords that match any password
in the history list cannot be reused. The history is updated every
time the password is changed. For example, if this value is 7, then the password must be changed 7 times to different passwords before the old password can be reused. |
Reversed history length | Enter the numeric value that specifies how many
passwords, spelled backwards are kept in history. Passwords that match
any password in the history list cannot be reused. The history is
updated every time the password is changed. For example, if the value for this rule is 7, then the password must be changed 7 times to different passwords before the old password (spelled backwards) can be reused. |
Disallow user name | Select the check box to disallow the use of
the user name as a password. The comparison is case sensitive. For example, if username is John, then user is not allowed to set a password containing the word John. |
Disallow user name (case-insensitive) | Select the check box to disallow the use of
the user name as a password. The comparison is case insensitive. For example, if username is John, then user is not allowed to set a password containing the word John, john, johN, or any variation of John as part of the password. |
Disallow user ID | Select the check box to disallow the use of
the user ID as a password. The comparison is case sensitive. For example, if user ID is JSmith, then user is not allowed to set password containing word JSmith. Since the comparison is case-sensitive, the user can have Jsmith, jsmith, or other variations as part of the password. |
Disallow user ID (case-insensitive) | Select the check box to disallow the use of
the user ID as a password. The comparison is case insensitive. For example, if user ID is JSmith, then user is not allowed to set password containing the word JSmith, Jsmith, jsmith, or other variations as part of the password. |
Do not allow in dictionary | Select the check box to reject the password
if its value matches a term in a dictionary that you configure, containing
a list of unwanted terms. Note: This option is only available when
a dictionary is configured.
|
Passwords must contain characters from three of the four categories | Select the check box to enable a three of four categoriesrule. This rule is compatible with the same rule in Microsoft Active Directory. The categories are as follows:
There is no category available for Unicode characters. They are not currently supported. |