Forum Discussion

Nimbostratus

Jan 16, 2015

Secure password policy for the BIG-IP system (11.x)

SOL15497 states "When enabled, enforcement restrictions are applied to all user accounts, except for the user accounts that have the administrator role assigned to them. Consequently, a user with adm...

R_Marc

Nimbostratus

Jan 22, 2015

For PCI, just set it to something ridiculously long and lock those in a vault. Then never use them, except under emergency situations. You can use a remote directory (AD/Radius) and force compliance with those policies. There's no reason for users to ever log in as admin or root unless you loose access to your remote directory. PCI is all about mitigating controls.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)