Perform this task to configure a user password strategy to secure user passwords. A user password strategy defines the requirements for the new password when a device user changes the password in the self-service center.
Procedure
- Click the User tab, and then select Device User Policy > Service Parameters > System Configuration from the navigation tree.
- Click the
icon for configure user password strategy.
- Configure the following parameters:
- Strategy Name: Enter a name for the user password strategy. The name must be unique.
- Description: Enter a description.
- Limit Password Length: Select this option to set the maximum length and the minimum length of a password. When a device user changes the password, the system checks the length of the new password. If the length of the new password is not in the specified range, password change fails.
- Limit Reuse of Password: Select this option and set the maximum password reuse limit. When a device user changes the password, the system checks the most recent n old passwords. If the new password is the same as any one of the old password, password change fails.
- Password Validity Period: The password of the device user expires and cannot be used for user authentication after the password validity period. The device user can log in to the device user self-service center to modify the password.
- Password Expiration Notification Threshold: Configure the system to notify a user of a soon-to-expire password the specified number of N days before the password expires.
- Expired User Control: Select whether to forbid a user with an expired password from logging in to the network or allow the user to change the password.
- Password and Account Similarity Check: Select this option to enable the system to check whether the new password of a device user includes the account name. If the new password includes the account name, password change fails.
- Contains Letters in Lowercase: Select this option to require the new password of a device user to include uppercase letters.
- Contains Letters in Uppercase: Select this option to require the new password of a device user to include lowercase letters.
- Contain Digits: Select this option to require the new password of a device user to include digits.
- Contain Other Characters: Select this option to require the new password of a device user to include other characters except for digits and letters, such as dots (.) and at signs (@).
- Click OK.
Remarks
A user password strategy controls password change of a device user only if the Enable User Password Strategy option is selected when you add, import, or modify the device user.