auth password-policy
auth password-policy(1) BIG-IP TMSH Manual auth password-policy(1)
NAME
password-policy - Specifies the parameters of the valid passwords for
the BIG-IP(r) system.
MODULE
auth
SYNTAX
Configure the password-policy component within the auth module using
the syntax shown in the following sections.
MODIFY
modify password-policy
options:
expiration-warning [integer]
max-duration [integer]
max-login-failures [integer]
min-duration [integer]
minimum-length [integer]
password-memory [integer]
policy-enforcement [disabled | enabled]
required-lowercase [integer]
required-numeric [integer]
required-special [integer]
required-uppercase [integer]
DISPLAY
list password-policy
list password-policy
show running-config password-policy
show running-config password-policy
options:
all-properties
non-default-properties
one-line
DESCRIPTION
Users assigned a role of Administrator or Resource Administrator can
modify a password policy for the BIG-IP system to enforce a company's
security requirements by defining the parameters for valid passwords.
Users assigned other roles can view password policies.
EXAMPLES
password-policy max-duration 90 min-duration 30 minimum-length 6
required-lowercase 2 required-uppercase 2 required-special 1 required-
numeric 1 expiration-warning 5
Creates a password policy that specifies that passwords are valid for a
maximum of 90 days and a minimum of 30 days. Also specifies that to be
valid, a password must contain at least 6 characters, but not more than
10 characters, including 2 lowercase alpha characters, 2 uppercase
alpha characters, and 1 number. Additionally, this policy specifies
that the system automatically warns users five days before their
passwords expire.
list password-policy
Displays the password policy.
OPTIONS
expiration-warning
Specifies the number of days before a password expires. Based on
this value, the BIG-IP system automatically warns users when their
password is about to expire. The default value is 7 days.
max-duration
Specifies the maximum number of days a password is valid. The
default value is 99999.
max-login-failures
Specifies the number of consecutive unsuccessful login attempts
that the system allows before locking out the user. The default
value is 0 (zero - disabled).
min-duration
Specifies the minimum number of days a password is valid. The
default value is 0 (zero).
minimum-length
Specifies the minimum number of characters in a valid password.
The default value is 6.
password-memory
Specifies whether the user has configured the BIG-IP system to
remember a password on a specific computer. The default value is 0
(zero).
policy-enforcement
Enables or disables the password policy on the BIG-IP system. The
default value is disabled.
required-lowercase
Specifies the number of lowercase alpha characters that must be
present in a password for the password to be valid. The default
value is 0 (zero).
required-numeric
Specifies the number of numeric characters that must be present in
a password for the password to be valid. The default value is 0
(zero).
required-special
Specifies the number of special characters that must be present in
a password for the password to be valid. The default value is 0
(zero).
required-uppercase
Specifies the number of uppercase alpha characters that must be
present in a password for the password to be valid. The default
value is 0 (zero).
SEE ALSO
auth user, modify, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2010, 2012-2013, 2016. All
rights reserved.
BIG-IP 2016-03-14 auth password-policy(1)