Fortinet black logo

CLI Reference

config system password-policy

config system password-policy

Configure password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.

config system password-policy

Description: Configure password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.

set status [enable|disable]

set apply-to {option1}, {option2}, ...

set minimum-length {integer}

set min-lower-case-letter {integer}

set min-upper-case-letter {integer}

set min-non-alphanumeric {integer}

set min-number {integer}

set min-change-characters {integer}

set expire-status [enable|disable]

set expire-day {integer}

set reuse-password [enable|disable]

end

config system password-policy

Parameter

Description

Type

Size

Default

status

Enable/disable setting a password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.

option

-

disable

Option

Description

enable

Enable password policy.

disable

Disable password policy.

apply-to

Apply password policy to administrator passwords or IPsec pre-shared keys or both. Separate entries with a space.

option

-

admin-password

Option

Description

admin-password

Apply to administrator passwords.

ipsec-preshared-key

Apply to IPsec pre-shared keys.

minimum-length

Minimum password length .

integer

Minimum value: 8 Maximum value: 128

8

min-lower-case-letter

Minimum number of lowercase characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-upper-case-letter

Minimum number of uppercase characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-non-alphanumeric

Minimum number of non-alphanumeric characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-number

Minimum number of numeric characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-change-characters

Minimum number of unique characters in new password which do not exist in old password .

integer

Minimum value: 0 Maximum value: 128

0

expire-status

Enable/disable password expiration.

option

-

disable

Option

Description

enable

Passwords expire after expire-day days.

disable

Passwords do not expire.

expire-day

Number of days after which passwords expire .

integer

Minimum value: 1 Maximum value: 999

90

reuse-password

Enable/disable reuse of password. If both reuse-password and min-change-characters are enabled, min-change-characters overrides.

option

-

enable

Option

Description

enable

Administrators are allowed to reuse the same password.

disable

Administrators must create a new password.

config system password-policy

Configure password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.

config system password-policy

Description: Configure password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.

set status [enable|disable]

set apply-to {option1}, {option2}, ...

set minimum-length {integer}

set min-lower-case-letter {integer}

set min-upper-case-letter {integer}

set min-non-alphanumeric {integer}

set min-number {integer}

set min-change-characters {integer}

set expire-status [enable|disable]

set expire-day {integer}

set reuse-password [enable|disable]

end

config system password-policy

Parameter

Description

Type

Size

Default

status

Enable/disable setting a password policy for locally defined administrator passwords and IPsec VPN pre-shared keys.

option

-

disable

Option

Description

enable

Enable password policy.

disable

Disable password policy.

apply-to

Apply password policy to administrator passwords or IPsec pre-shared keys or both. Separate entries with a space.

option

-

admin-password

Option

Description

admin-password

Apply to administrator passwords.

ipsec-preshared-key

Apply to IPsec pre-shared keys.

minimum-length

Minimum password length .

integer

Minimum value: 8 Maximum value: 128

8

min-lower-case-letter

Minimum number of lowercase characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-upper-case-letter

Minimum number of uppercase characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-non-alphanumeric

Minimum number of non-alphanumeric characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-number

Minimum number of numeric characters in password .

integer

Minimum value: 0 Maximum value: 128

0

min-change-characters

Minimum number of unique characters in new password which do not exist in old password .

integer

Minimum value: 0 Maximum value: 128

0

expire-status

Enable/disable password expiration.

option

-

disable

Option

Description

enable

Passwords expire after expire-day days.

disable

Passwords do not expire.

expire-day

Number of days after which passwords expire .

integer

Minimum value: 1 Maximum value: 999

90

reuse-password

Enable/disable reuse of password. If both reuse-password and min-change-characters are enabled, min-change-characters overrides.

option

-

enable

Option

Description

enable

Administrators are allowed to reuse the same password.

disable

Administrators must create a new password.