Password Updating And Expiration - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Character name
Slash
Underscore
Depending on the system's security requirements, you can set the minimum number of character
types a password must contain and the minimum number of characters for each type, as shown in
Table
18.
Table 18 Password composition policy
Password combination
level
Level 1
Level 2
Level 3
Level 4
In non-FIPS mode, all the combination levels are available for a password. In FIPS mode, only the
level 4 combination is available for a password.
When a user sets or changes a password, the system checks if the password meets the combination
requirement. If not, the operation fails.
Password complexity checking policy
A less complicated password such as a password containing the username or repeated characters is
more likely to be cracked. For higher security, you can configure a password complexity checking
policy to ensure that all user passwords are relatively complicated. With such a policy configured,
when a user configures a password, the system checks the complexity of the password. If the
password is complexity-incompliant, the configuration will fail.
You can apply the following password complexity requirements:
•
A password cannot contain the username or the reverse of the username. For example, if the
username is abc, a password such as abc982 or 2cba is not complex enough.
•
A character or number cannot be included three or more times consecutively. For example,
password a111 is not complex enough.
Password updating and expiration
Password updating
This feature allows you to set the minimum interval at which users can change their passwords. If a
user logs in to change the password but the time passed since the last change is less than this
interval, the system denies the request. For example, if you set this interval to 48 hours, a user
cannot change the password twice within 48 hours.
The set minimum interval is not effective when a user is prompted to change the password at the first
login or after its password aging time expires.
Password expiration
Password expiration imposes a lifecycle on a user password. After the password expires, the user
needs to change the password.
If a user enters an expired password when logging in, the system displays an error message. The
user is prompted to provide a new password and to confirm it by entering it again. The new password
must be valid, and the user must enter exactly the same password when confirming it.
Symbol
/
_
Minimum number of
character types
One
Two
Three
Four
246
Character name
Tilde
Vertical bar
Minimum number of characters
for each type
One
One
One
One
Symbol
~
|
Advertisement
Table of Contents
Troubleshooting
