Fortinet black logo

CLI Reference

password-policy

password-policy

Use this command to configure access password policies.

Syntax

config system password-policy

set status {disable | enable}

set minimum-length <integer>

set must-contain <lower-case-letter | non-alphanumeric | number | upper-case-letter>

set change-4-characters {disable | enable}

set expire <integer>

end

Variable

Description

status {disable | enable}

Enable/disable the password policy. Default: enable

minimum-length <integer>

Set the password’s minimum length.

Range: 8 to 256 (characters)

Default: 8

must-contain <lower-case-letter | non-alphanumeric | number | upper-case-letter>

Characters that a password must contain.

  • lower-case-letter: the password must contain at least one lower case letter
  • non-alphanumeric: the password must contain at least one non-alphanumeric characters
  • number: the password must contain at least one number
  • upper-case-letter: the password must contain at least one upper case letter.

change-4-characters {disable | enable}

Enable/disable changing at least 4 characters for a new password. Default: disable

expire <integer>

Set the number of days after which admin users' password will expire; 0 means never. Default: 0

password-policy

Use this command to configure access password policies.

Syntax

config system password-policy

set status {disable | enable}

set minimum-length <integer>

set must-contain <lower-case-letter | non-alphanumeric | number | upper-case-letter>

set change-4-characters {disable | enable}

set expire <integer>

end

Variable

Description

status {disable | enable}

Enable/disable the password policy. Default: enable

minimum-length <integer>

Set the password’s minimum length.

Range: 8 to 256 (characters)

Default: 8

must-contain <lower-case-letter | non-alphanumeric | number | upper-case-letter>

Characters that a password must contain.

  • lower-case-letter: the password must contain at least one lower case letter
  • non-alphanumeric: the password must contain at least one non-alphanumeric characters
  • number: the password must contain at least one number
  • upper-case-letter: the password must contain at least one upper case letter.

change-4-characters {disable | enable}

Enable/disable changing at least 4 characters for a new password. Default: disable

expire <integer>

Set the number of days after which admin users' password will expire; 0 means never. Default: 0