Setting The Password History Policy; Setting The Password Expiration Policy - HP A7533A - Brocade 4Gb SAN Switch Base Administrator's Manual

• Digits
Specifies the minimum number of numeric digits that must appear in the password. The default value is
zero. The maximum value must be less than or equal to the MinLength value.
• Punctuation
Specifies the minimum number of punctuation characters that must appear in the password. All
printable, non-alphanumeric punctuation characters except the colon ( : ) are allowed. The colon is not
allowed because it is incompatible with Web Tools. The default value is zero. The maximum value must
be less than or equal to the MinLength value.
• MinLength
Specifies the minimum length of the password. The minimum can be from 8 to 40 characters. New
passwords must between the minimum length specified and 40 characters. The default value is 8. The
maximum value must be greater than or equal to the MinLength value.
• Repeat
Specifies the length of repeated character sequences that will be disallowed. For example, if the
"repeat" value is set to 3, a password passAAAword is disallowed because it contains the repeated
sequence "AAA". A password of passAAword would be allowed because no repeated character
sequence exceeds two characters. The range of allowed values is 1 – 40. The default value is 1.
• Sequence
Specifies the length of sequential character sequences that will be disallowed. A sequential character
sequence is defined as a character sequence in which the ASCII value of each contiguous character
differs by one. The ASCII value for the characters in the sequence must all be increasing or decreasing.
For example, if the sequence value is set to 3, a password passABCword is disallowed because it
contains the sequence ABC. A password of passABword would be allowed because it contains no
sequential character sequence exceeding two characters. The range of allowed values is 1 – 40. The
default value is 1.
The following example shows a password strength policy that requires passwords to contain at least
three uppercase characters, four lowercase characters and two numeric digits; the minimum length of
the password is nine characters.
passwdcfg --set -uppercase 3 -lowercase 4 -digits 2 -minlength 9

Setting the password history policy

The password history policy prevents users from recycling recently used passwords, and is enforced across
all user accounts when users are setting their own passwords. The password history policy is enforced only
when a new password is defined.
Specify the number of past password values that are disallowed when setting a new password. Allowable
password history values range from 1 to 24. The default value is 2, which means the current password
cannot be reused. The value 2 indicates that the current and the two previous passwords cannot be used
(and so on, up to 24 passwords).
This policy does not verify whether a new password meets a minimal standard of difference from prior
passwords; it determines only whether a newly-specified password is identical to any of the specified
number (1-24) of previously used passwords.
The password history policy is not enforced when an administrator sets a password for another user;
instead, the user's password history is preserved and the password set by the administrator is recorded in
the user's password history.

Setting the password expiration policy

The password expiration policy forces expiration of a password after a configurable period of time, and is
enforced across all user accounts. A warning that password expiration is approaching is displayed when
the user logs in. When a user's password expires, he or she must change the password to complete the
authentication process and open a user session. You can specify the number of days prior to password
expiration during which warnings will commence. Password expiration does not disable or lock out the
account.
Use the following attributes to set the password expiration policy:
• MinPasswordAge
66 Managing user accounts