What’s new in FortiOS Version 4.0 MR1 Password policy
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 75
http://docs.fortinet.com/ • Feedback
Password policy
Optionally, you can set a password policy to require more secure passwords than the
FortiGate defaults. The password policy can apply to administrators or IPsec VPN pre-
shared keys. You can
• require the use of special characters in the password
• require periodic password changes
• set a minimum amount of change in the new password (available in CLI only)
To set a password policy - web-based manger
1 Go to System > Admin > Settings.
2 In the Password Policy section, configure the following:
3 Configure other administration settings as needed.
4 Select Apply.
To set a password policy - CLI
config system password-policy
set status {enable | disable}
set apply-to [admin-password ipsec-preshared-key]
set change-4-characters {enable | disable}
set expire <days>
set minimum-length <chars>
Enable Select to enable the password policy.
Minimum Length Set the minimum acceptable length for passwords.
Must contain Select any of the following special character types to require in a
password. Each selected type must occur at least once in the
password.
Upper Case Letters — A, B, C, ... Z
Lower Case Letters — a, b, c, ... z
Numerical digits — 0, 1, 2, 3, 4, 5, 6, 7 8, 9
Non-alphanumeric letters — punctuation marks, @,#, %, etc.
Apply Password
Policy to
Select where to apply the password policy:
Admin Password — Apply to administrator passwords. If any
password does not conform to the policy, require that administrator
to change the password at the next login.
IPSEC Preshared Key — Apply to preshared keys for IPSec VPNs.
The policy applies only to new preshared keys. You are not required
to change existing preshared keys.
Admin Password
Expires after n days
Require administrators to change password after a specified
number of days. Specify 0 if you do not want to require periodic
password changes.
To Next Page
Loading...
