You can set the minimum life span of a password. This is the number of days since a password was changed until it can be changed again.
You can use this to prevent people from changing their password many times to fill up the password history.
To set the minimum life span of passwords, use the following command:
set password-min-age = number-days | 0 ;
Example: Set Password History Rules
You want to make users change their passwords at least every two weeks, and you want to prevent users from reusing any of their last 20 passwords.
However, you also want to prevent them from changing their password more than once a day to "flush" their password history.
To do this, use the following commands:
set password-policy = true; set password-age = 14; set password-history = 20 set password-min-age = 1;
Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |