Querying and Setting the Status of the Password Complexity Check Function (passwordcomplexity)
Function
The passwordcomplexity command is used to query and set the status of the password complexity check function.
Format
ipmcget [-t user] -d passwordcomplexity
ipmcset [-t user] -d passwordcomplexity -v <enabled | disabled>
Parameters
Parameter | Description | Value |
---|---|---|
enabled | Enables the password complexity check function. | - |
disabled | Disables the password complexity check function. | - |
Usage Guidelines
- The password complexity check function is enabled by default.
- Disabling the password complexity check function reduces the system security. Set the parameter with caution.
- If password complexity check is disabled, the password cannot be empty or exceed 20 characters.
If password complexity check is enabled, the password must meet the following requirements:
- Contain 8 to 20 characters
Contain at least a space or one of the following special characters:
`~!@#$%^&*()-_=+\|[{}];:'",<.>/?
Contain at least two types of the following characters:
- Uppercase letters A to Z
- Lowercase letters a to z
- Digits 0 to 9
- Cannot be the same as the user name or the user name in reverse order.
- Have at least two new characters when compared with the previous password.
In addition to the password complexity check, the iBMC also checks for weak passwords for security purposes. (You can run the ipmcset -t user -d weakpwddic -v export command to export the weak passwords from the weak password dictionary.)
Only the administrators can set the status of the password complexity check function.