Password management parameters consists of defining aging, the authentication order and authentication methods, password length and complexity, as well as the number of attempts a user can enter a password.
Depending on the your authentication requirements, password parameters are configured locally.
Use the following syntax to configure password support.
config>system>security
password
admin-password password [hash|hash2]
aging days
attempts count [time minutes1] [lockout minutes2]
authentication-order [method-1] [method-2] [method-3] [exit-on-reject]
complexity-rules
allow-user-name
credits [lowercase credits] [uppercase credits] [numeric credits] [special-character credits]
minimum-classes minimum
minimum-length length
repeated-characters count
required [lowercase count] [uppercase count] [numeric count] [special-character count]
hashing {bcrypt|sha2-pbkdf2}
health-check [interval interval]
history-size size
minimum-age [days days] [hrs hours] [min minutes] [sec seconds]
minimum-change distance
A:ALA-1>config>system>security# info
----------------------------------------------
password
authentication-order radius tacplus local
aging 365
minimum-length 8
attempts 5 time 5 lockout 20
exit
----------------------------------------------
A:ALA-1>config>system>security#