Configuring the Password Complexity Rule

About this task

Use the following procedure to configure the password complexity rule.

The password complexity rule default is to use at least two uppercase, two lowercase, two numeric, and two special character to meet the password criteria.

Before you begin

  • You must enable enhanced secure mode in either the JITC or non-JITC sub-modes. As a best practice, use the non-JITC sub-mode because the JITC sub-mode is more restrictive and prevents the use of some troubleshooting utilities.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Configure the password complexity rule:

    password password–rule <1–2> <1–2> <1–2> <1–2>

  3. Optional: Configure the password complexity rule to the default:

    default password password–rule

  4. Save the configuration:

    save config

    Note

    Note

    The save config command saves the configuration file with the filename configured as the primary configuration filename in boot config. Use the command show boot config choice to view the current primary and backup configuration filenames.

Example

Configure the password complexity rule to require two uppercase, two lowercase, two numeric and two special characters in each password:

Switch:1>enable
Switch:1#configure terminal
Switch:1(config)#password password–rule 2 2 2 2
Switch:1(config)#save config

Variable definitions

Use the data in the following table to use the password password-rule command.

Variable

Value

<1–2> <1–2> <1–2> <1–2>

Configures the minimum password rule. The first variable defines the number of uppercase characters required. The second <1-2> variable defines the number of lowercase characters required. The third <1-2> variable defines the number of numeric characters required. The fourth <1-2> variable defines the number of special characters required. The default for each of these is 2.