Secure password policy for the BIG-IP enforcement
Hi, I've made some adjustements to the secure password policy, but I'm still abe to create a new user with a password which doesnt match the requirements. I noticed that I'm not able to login - which is good, but should there not be a waring or not even able to set a password which doesnt meet the requirements? (tmos)# list /auth password-policy all-properties auth password-policy { description none expiration-warning 7 lockout-duration 0 max-duration 99999 max-login-failures 6 min-duration 0 minimum-length 10 password-memory 0 policy-enforcement enabled required-lowercase 1 required-numeric 1 required-special 0 required-uppercase 1 } (tmos)# create auth user test1 password 1234 (tmos)# list auth user test1 auth user test1 { description test1 encrypted-password $6$CX2o0f4l$uxR8vZ9rw3LLD3hYOgUeJrqfZjbXtMdvhNXgKNspdVU2S7ywVewhX/qFH9AOqSNsrdnpf2JA4St9BpyBxUAV60 partition Common partition-access { all-partitions { role guest } } session-limit -1 shell none644Views0likes4Comments