1.3.2 Ensure 'Minimum Length' is greater than or equal to 12


This determines the least number of characters that make up a password for a user account.
Types of password attacks include dictionary attacks (which attempt to use common words and phrases) and brute force attacks (which try every possible combination of characters).


Navigate to Device > Setup > Management > Minimum Password Complexity.
Set Minimum Length to greater than or equal to 12
Execute the following CLI command:
username@hostname#set mgt-config password-complexity minimum-length <>
+ block-repeated-characters Block repeated characters count
+ block-username-inclusion Block inclusion of username and it's reverse
+ enabled Enable minimal password complexity enforcement
+ minimum-length Minimum password length
+ minimum-lowercase-letters Minimum lowercase letters in the password
+ minimum-numeric-letters Minimum numeric(0-9) letters in the password
+ minimum-special-characters Minimum special characters(non-alphanumeric) in the password
+ minimum-uppercase-letters Minimum uppercase letters in the password
+ new-password-differs-by-characters New Password must differ by the count chars
+ password-change-on-first-login Password must change on first time login
+ password-change-period-block Password change block period
+ password-history-count Save password history for password changes
> password-change password-change
<Enter> Finish input
# commit

Default Value:
Not enabled.

See Also


Item Details


References: 800-53|IA-5(1)(a), CSCv6|5.3, CSCv6|5.7, CSCv6|16.12

Plugin: Palo_Alto

Control ID: ab34452855a9d2cb092947986fb5027c3b27f2ac1a29d72f0d9249d41f4401f7