Controller Based WLANs

Specific Management Password Policy

Aruba Employee
Q:

How to Implement Specific Management Password Policy



A:

By default, the password for a new management user has no requirements other than a minimum length of 6 alphanumeric or special characters. However, if your company enforces a best practices password policy for management users with root access to network equipment, you may want to configure a password policy that sets requirements for management user passwords.

 

Defining a Management Password Policy
To define specific management password policy settings through the WebUI or the CLI, complete the following steps:


In the WebUI
1. Navigate to Configuration>All Profiles.
2. Expand Other Profiles.
3. Select Mgmt Password Policy.
4. Configure the settings described below

  • Enable Password Policy: Select this checkbox to enable the password management policy. The password policy will not be enforced until this checkbox is selected.
  • Minimum password length required: The minimum number of characters required for a management user password. Range: 6-64 characters. Default: 6.
  • Minimum number of Upper Case characters: The minimum number of uppercase characters required in a management user password. Range: 0-10 characters. By default, there is no requirement for uppercase letters in a password, and the parameter has a default value of 0.
  • Minimum number of Lower Case characters:  The minimum number of lowercase characters required in a management user password. Range: 0-10 characters. By default, there is no requirement for lowercase letters in a password, and the parameter has a default value of 0.
  • Minimum number of Digits: The minimum number of numeric digits required in a management user password. Range: 0-10 digits. By default, there is no requirement for numerical digits in a password, and the parameter has a default value of 0.
  • Minimum number of Special characters (!, @, #, $, %, ^, &, *, <, >, {, }, [, ], :, ., comma, |, +, ~, `) :  The minimum number of special characters. Range: 0-10 characters.
  • Username or Reverse of username NOT in Password : When you select this checkbox, the password cannot be the management users’ current username or the username spelled backwards.
  • Maximum consecutive character repeats : The maximum number of consecutive repeating characters allowed in a management user password. Range: 0-10 characters. By default, there is no limitation on the numbers of character that can repeat within a password, and the parameter has a default value of 0 characters.
  • Maximum Number of failed attempts in 3 minute window to lockout user: The number of failed attempts within a 3 minute window that causes the user to be locked out for the period of time specified by the Time
    duration to lockout the user upon crossing the "lock-out" threshold parameter. Range: 0-10 attempts. By default, the password lockout feature is disabled, and the default value of this parameter is 0 attempts.
  • Time duration to lock out the user upon crossing the "lockout" threshold: The duration in time that locks out the user upon crossing the lock out threshold. Range: 0-60 in minute

5. Click Apply to save your settings.


In the CLI:


aaa password-policy mgmt

Version history
Revision #:
2 of 2
Last update:
‎03-26-2017 02:05 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.