From c6ea7169a93166b36044837fc278479c06271744 Mon Sep 17 00:00:00 2001 From: Chris Date: Mon, 16 Mar 2026 12:42:49 -0400 Subject: [PATCH 1/2] update password info for special character --- docs/cc_fips_conductor_install.md | 1 + docs/cli_reference.md | 4 ++-- docs/config_password_security.md | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/cc_fips_conductor_install.md b/docs/cc_fips_conductor_install.md index fc4ade1742..ebc6effe88 100644 --- a/docs/cc_fips_conductor_install.md +++ b/docs/cc_fips_conductor_install.md @@ -182,6 +182,7 @@ Conductor High Availability for Cloud Deployments is not supported under Common - Contain at least 1 uppercase letter - At least 1 lowercase letter - At least 1 number + - At least one special character - Cannot contain the username in any form - Cannot repeat characters more than 3 times This operation is only performed on the standalone or first node in the HA peer, and the password must be entered twice. For supporting password information, see [Username and Password Policies](cc_fips_config_password_policies.md). diff --git a/docs/cli_reference.md b/docs/cli_reference.md index 6592b3f9c5..6e48fa066b 100755 --- a/docs/cli_reference.md +++ b/docs/cli_reference.md @@ -1003,7 +1003,7 @@ create user [] The `create user` command allows administrators to create user accounts for user and/or administrative access to the SSR's management port. Issuing the `create user ` launches an interactive session that prompts for the new user's full name, password, whether they are an administrative or basic user, and the enabled/disabled state of that user account. :::note -The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, and cannot contain any characters that repeat more than three times. Please see [Password Policies](config_password_policies.md) for additional information. +The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character, and cannot contain any characters that repeat more than three times. Please see [Password Policies](config_password_policies.md) for additional information. ::: #### Example @@ -1718,7 +1718,7 @@ edit user [] #### Description :::note -The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, and cannot contain any characters that repeat more than three times. +The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character, and cannot contain any characters that repeat more than three times. ::: The _edit user_ command enters a configuration subtree specific to administering user accounts. From within this subtree, administrators can change any of the attributes associated with a user account (full name, password, role, and enabled state). This is done in a "configuration-like" way, where commands are issued as _attribute value_. diff --git a/docs/config_password_security.md b/docs/config_password_security.md index fa77716ac5..21eeec61e4 100644 --- a/docs/config_password_security.md +++ b/docs/config_password_security.md @@ -9,7 +9,7 @@ Password security is one of the first lines of defense for every organization, a Setting the password for the system accounts (`admin`, `root`, and `t128`) is performed during initialization from either the web interface, the conductor command line, or the interactive intializer. All system account passwords are set to the same value, preventing any of the account passwords from being overlooked. -Create a password for the SSR system accounts. The password must be at least 9 characters long, contain at least 1 uppercase letter, at least 1 lowercase letter, at least 1 number, cannot contain the username in any form, and cannot repeat characters more than 3 times. +Create a password for the SSR system accounts. The password must be at least nine (9) characters long, contain at least one uppercase letter, at least one lowercase letter, at least one number, at least one special character, cannot contain the username in any form, and cannot repeat characters more than three (3) times. ### From the Web Interface From 28fe7fff4e082efe6b6039cb08c57e3febae9881 Mon Sep 17 00:00:00 2001 From: Chris Date: Mon, 16 Mar 2026 16:16:01 -0400 Subject: [PATCH 2/2] adding list of special characters --- docs/cc_fips_conductor_install.md | 8 ++++---- docs/cc_fips_config_password_policies.md | 2 +- docs/cli_reference.md | 4 ++-- docs/config_password_policies.md | 2 +- docs/config_password_security.md | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/cc_fips_conductor_install.md b/docs/cc_fips_conductor_install.md index ebc6effe88..bd8e49c99e 100644 --- a/docs/cc_fips_conductor_install.md +++ b/docs/cc_fips_conductor_install.md @@ -179,10 +179,10 @@ Conductor High Availability for Cloud Deployments is not supported under Common 4. On the **Password Setup** screen, create a password for the SSR Admin user. The administrator password must be: - At least 9 characters long - - Contain at least 1 uppercase letter - - At least 1 lowercase letter - - At least 1 number - - At least one special character + - Contain at least one uppercase letter + - At least one lowercase letter + - At least one number + - At least one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -) - Cannot contain the username in any form - Cannot repeat characters more than 3 times This operation is only performed on the standalone or first node in the HA peer, and the password must be entered twice. For supporting password information, see [Username and Password Policies](cc_fips_config_password_policies.md). diff --git a/docs/cc_fips_config_password_policies.md b/docs/cc_fips_config_password_policies.md index 5940ceec3b..ccb3f93a9b 100644 --- a/docs/cc_fips_config_password_policies.md +++ b/docs/cc_fips_config_password_policies.md @@ -9,7 +9,7 @@ Username and password requirements are listed below. For a list of the commands The SSR password policies have been updated to provide a more secure experience. When creating passwords and password policies for users, the following parameters are enforced. -1. Password must contain 1 capital, 1 lower case, 1 number and 1 special character. +1. Password must contain one capital letter, one lower case letter, one number, and one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -). 2. Password must be at least 9 characters. 3. Minimum password length is configurable (greater than 9). 4. When a password is changed, characters must be changed in at least eight of the positions within the password. diff --git a/docs/cli_reference.md b/docs/cli_reference.md index 6e48fa066b..ba378d34f5 100755 --- a/docs/cli_reference.md +++ b/docs/cli_reference.md @@ -1003,7 +1003,7 @@ create user [] The `create user` command allows administrators to create user accounts for user and/or administrative access to the SSR's management port. Issuing the `create user ` launches an interactive session that prompts for the new user's full name, password, whether they are an administrative or basic user, and the enabled/disabled state of that user account. :::note -The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character, and cannot contain any characters that repeat more than three times. Please see [Password Policies](config_password_policies.md) for additional information. +The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -), and cannot contain any characters that repeat more than three times. Please see [Password Policies](config_password_policies.md) for additional information. ::: #### Example @@ -1718,7 +1718,7 @@ edit user [] #### Description :::note -The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character, and cannot contain any characters that repeat more than three times. +The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -), and cannot contain any characters that repeat more than three times. ::: The _edit user_ command enters a configuration subtree specific to administering user accounts. From within this subtree, administrators can change any of the attributes associated with a user account (full name, password, role, and enabled state). This is done in a "configuration-like" way, where commands are issued as _attribute value_. diff --git a/docs/config_password_policies.md b/docs/config_password_policies.md index 5f12a3c1c4..f8cc5c5ec2 100644 --- a/docs/config_password_policies.md +++ b/docs/config_password_policies.md @@ -13,7 +13,7 @@ sidebar_label: Username and Password Policies The SSR password policies have been updated to provide a more secure experience. When creating passwords and password policies for users, the following parameters are enforced. -1. Password must contain 1 capital, 1 lower case, 1 number and 1 special character. +1. Password must contain at least: one capital letter, one lower case letter, one number, and one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -). 2. Password must be at least 9 characters. 3. Minimum password length is configurable (greater than 9). 4. When a password is changed, characters must be changed in at least eight of the positions within the password. diff --git a/docs/config_password_security.md b/docs/config_password_security.md index 21eeec61e4..2d5a419928 100644 --- a/docs/config_password_security.md +++ b/docs/config_password_security.md @@ -9,7 +9,7 @@ Password security is one of the first lines of defense for every organization, a Setting the password for the system accounts (`admin`, `root`, and `t128`) is performed during initialization from either the web interface, the conductor command line, or the interactive intializer. All system account passwords are set to the same value, preventing any of the account passwords from being overlooked. -Create a password for the SSR system accounts. The password must be at least nine (9) characters long, contain at least one uppercase letter, at least one lowercase letter, at least one number, at least one special character, cannot contain the username in any form, and cannot repeat characters more than three (3) times. +Create a password for the SSR system accounts. The password must be at least nine (9) characters long, contain at least one uppercase letter, at least one lowercase letter, at least one number, at least one special character (` ! @ # $ % ^ & * ( ) _ + ? ~ " -), cannot contain the username in any form, and cannot repeat characters more than three (3) times. ### From the Web Interface