diff --git a/docs/cc_fips_conductor_install.md b/docs/cc_fips_conductor_install.md index fc4ade1742..bd8e49c99e 100644 --- a/docs/cc_fips_conductor_install.md +++ b/docs/cc_fips_conductor_install.md @@ -179,9 +179,10 @@ Conductor High Availability for Cloud Deployments is not supported under Common 4. On the **Password Setup** screen, create a password for the SSR Admin user. The administrator password must be: - At least 9 characters long - - Contain at least 1 uppercase letter - - At least 1 lowercase letter - - At least 1 number + - Contain at least one uppercase letter + - At least one lowercase letter + - At least one number + - At least one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -) - Cannot contain the username in any form - Cannot repeat characters more than 3 times This operation is only performed on the standalone or first node in the HA peer, and the password must be entered twice. For supporting password information, see [Username and Password Policies](cc_fips_config_password_policies.md). diff --git a/docs/cc_fips_config_password_policies.md b/docs/cc_fips_config_password_policies.md index 5940ceec3b..ccb3f93a9b 100644 --- a/docs/cc_fips_config_password_policies.md +++ b/docs/cc_fips_config_password_policies.md @@ -9,7 +9,7 @@ Username and password requirements are listed below. For a list of the commands The SSR password policies have been updated to provide a more secure experience. When creating passwords and password policies for users, the following parameters are enforced. -1. Password must contain 1 capital, 1 lower case, 1 number and 1 special character. +1. Password must contain one capital letter, one lower case letter, one number, and one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -). 2. Password must be at least 9 characters. 3. Minimum password length is configurable (greater than 9). 4. When a password is changed, characters must be changed in at least eight of the positions within the password. diff --git a/docs/cli_reference.md b/docs/cli_reference.md index 6592b3f9c5..ba378d34f5 100755 --- a/docs/cli_reference.md +++ b/docs/cli_reference.md @@ -1003,7 +1003,7 @@ create user [] The `create user` command allows administrators to create user accounts for user and/or administrative access to the SSR's management port. Issuing the `create user ` launches an interactive session that prompts for the new user's full name, password, whether they are an administrative or basic user, and the enabled/disabled state of that user account. :::note -The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, and cannot contain any characters that repeat more than three times. Please see [Password Policies](config_password_policies.md) for additional information. +The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -), and cannot contain any characters that repeat more than three times. Please see [Password Policies](config_password_policies.md) for additional information. ::: #### Example @@ -1718,7 +1718,7 @@ edit user [] #### Description :::note -The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, and cannot contain any characters that repeat more than three times. +The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -), and cannot contain any characters that repeat more than three times. ::: The _edit user_ command enters a configuration subtree specific to administering user accounts. From within this subtree, administrators can change any of the attributes associated with a user account (full name, password, role, and enabled state). This is done in a "configuration-like" way, where commands are issued as _attribute value_. diff --git a/docs/config_password_policies.md b/docs/config_password_policies.md index 5f12a3c1c4..f8cc5c5ec2 100644 --- a/docs/config_password_policies.md +++ b/docs/config_password_policies.md @@ -13,7 +13,7 @@ sidebar_label: Username and Password Policies The SSR password policies have been updated to provide a more secure experience. When creating passwords and password policies for users, the following parameters are enforced. -1. Password must contain 1 capital, 1 lower case, 1 number and 1 special character. +1. Password must contain at least: one capital letter, one lower case letter, one number, and one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -). 2. Password must be at least 9 characters. 3. Minimum password length is configurable (greater than 9). 4. When a password is changed, characters must be changed in at least eight of the positions within the password. diff --git a/docs/config_password_security.md b/docs/config_password_security.md index fa77716ac5..2d5a419928 100644 --- a/docs/config_password_security.md +++ b/docs/config_password_security.md @@ -9,7 +9,7 @@ Password security is one of the first lines of defense for every organization, a Setting the password for the system accounts (`admin`, `root`, and `t128`) is performed during initialization from either the web interface, the conductor command line, or the interactive intializer. All system account passwords are set to the same value, preventing any of the account passwords from being overlooked. -Create a password for the SSR system accounts. The password must be at least 9 characters long, contain at least 1 uppercase letter, at least 1 lowercase letter, at least 1 number, cannot contain the username in any form, and cannot repeat characters more than 3 times. +Create a password for the SSR system accounts. The password must be at least nine (9) characters long, contain at least one uppercase letter, at least one lowercase letter, at least one number, at least one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -), cannot contain the username in any form, and cannot repeat characters more than three (3) times. ### From the Web Interface