Organizations and applications often have rules about the content of passwords, including the required number and type of characters. The Password Policy Properties table helps you to create and enforce these password rules through a password policy, and apply this policy to one or more applications.
Table 7-1 The Password Policy Properties Table
Policy |
Value |
Description |
---|---|---|
Minimum length |
Whole number |
Defines the required minimum number of characters. |
Maximum length |
Whole number |
Defines the required maximum number of characters. |
Minimum punctuation characters |
Punctuation characters |
Defines the minimum number of punctuation characters allowed in a password. |
Maximum punctuation characters |
Punctuation characters |
Defines the maximum number of punctuation characters allowed in a password. |
Minimum uppercase characters |
Whole number |
Defines the minimum number of uppercase characters allowed in a password. |
Maximum uppercase characters |
Whole number |
Defines the maximum number of uppercase characters allowed in a password. |
Minimum lowercase characters |
Whole number |
Defines the minimum number of lowercase characters allowed in a password. |
Maximum lowercase characters |
Whole number |
Defines the maximum number of lowercase characters allowed in a password. |
Minimum numeric characters |
Whole number |
Defines the minimum number of numeric characters allowed in a password. |
Maximum numeric characters |
Whole number |
Defines the maximum number of numeric characters allowed in a password. |
Disallow repeat characters |
No/Yes/Yes, case insensitive |
Disallows the use of repeated characters, or the use of the same successive characters. If this option is set to No, characters can be repeated. This is the default value. If this option is set to Yes, same alphabetic characters in a different case are considered as different characters. For example, A and a are different. If this option is set to Yes, case insensitive, the successive use of the same alphabetic characters in a different case is not allowed. |
Disallow duplicate characters |
No/Yes/Yes, case insensitive |
Disallows the use of the same non-successive characters. If this option is set to No, duplicate characters are allowed. This is the default value. If this option is set to Yes, the same alphabetic characters in a different case are considered as different characters. For example, A (uppercase) and a (lowercase) are different. If this option is set to Yes, case insensitive, duplication of the same alphabetic characters in a different case is not allowed. |
Disallow sequential characters |
No/Yes/Yes, case insensitive |
Disallows the use of successive characters in an alphabetical order. If this option is set to No, sequential characters are allowed. This is the default value. If this option is set to Yes, sequential characters in a different case are considered as non-sequential. For example, a and b and non-sequential. If this option is set to Yes, case insensitive, sequential characters in different cases is disallowed. |
Begin with an uppercase character |
No/Yes |
This parameter requires a password to start with an uppercase character. The default value is No. If this option is set to Yes, all other policies that indicate that a password must begin with a particular character or in a specific manner are disabled. IMPORTANT:Only one type of character can be designated as the first value of a password. |
End with an uppercase character |
No/Yes |
Enforces the use of an uppercase letter at the end of a password. The default value is No. If this option is set to Yes, all other policies that indicate that a password must end with a particular character or in a specific manner are disabled. |
Prohibited characters |
Keyboard characters |
Defines a list of characters that cannot be used in a password. NOTE:There is no need of a separator in the list of prohibited characters. For example, @#$%&* |
Begin with any Alpha character |
No/Yes |
This parameter requires a password to start with an alphabetical letter that is, [a-z] or [A-Z]. The default value is No. If this option is set to Yes, it automatically disables all other policies that specify what the first character of the password should be. |
Begin with any number |
No/Yes |
Enforces the use of a numeric character as the first character of the password. The default value is No. If this option is set to Yes, it automatically disables all other policies that specify what the first character of the password should be. |
Begin with any symbol |
No/Yes |
This parameter requires a password to start with a symbol. These characters are: ~!@#$%^&*()_+|-=\\{}[]:\\";'<>?/,.` The default value is No. If this option is set to Yes, it automatically disables all other policies that specify what the first character of the password should be. |
End with any Alpha character |
No/Yes |
Enforces the use of an alphabetic character as the last character of the password. The default value is No. If this option is set to Yes, it automatically disables all other policies that specify what the password should end with. |
End with any number |
No/Yes |
Enforces the use of a numeric character as the last character of the password. The default value is No. If this option is set to Yes, it automatically disables all other policies that specify what the password should end with. |
End with any symbol |
No/Yes |
This parameter requires a password to end with a symbol. These characters are: ~!@#$%^&*()_+|-=\\{}[]:\\";'<>?/,.` The default value is No. If this option is set to Yes, it automatically disables all other policies that specify what the password should end with. |