Ireda
Sep 12, 2023Cirrostratus
APM Password policy
Dears We need to enable the password policy on IT-Admin accounts as per the below details, Is the below ok, or what is recommended? Is there any impact?
Hi, first of all I assume this is not a question specific to APM users accessing through portal or vpn client but to big-ip local admins
As per your screenshot, there is no reason to specify the exact number of required characters (6 3 3 2). I -personnaly- consider (1 1 1 1) to be secure enough, and I -personnaly- think what you have now is paranoia not security.
Regarding other fields, some would tell you that it is a very secure configuration, some others would not, I would tell you that it depends on your environment and this is the type of question I always forward to the CISO team to decide what has to be configured not to F5 admins nor to my -personal- feeling of what is secure or not.