Configure Password Aging Control Policies

Language:

The storage servers support a variety of password aging controls, including parameters to control the maximum number of days a password is used, the minimum number of days between passwords changes, and the number of days in advance of password expiration that a user is warned.

To comply with U.S. Department of Defense security and PCI-DSS requirements, use the U.S. Department of Defense values in this table.

Policy	Oracle Default Value	DOD Value
Maximum password lifetime	90 days	60 days
Minimum password lifetime	1 day	1 day
Minimum password length	8 characters	15 characters
Password expiration warning	7 days	7 days

To change any of these parameters, perform this procedure.

Log into the storage server as celladmin.
See Log into the Storage Server OS.

View the current settings.

# /opt/oracle.cellos/host_access_control password-policy --status

Configure these policies according to your site password policies.
- Change the maximum password lifetime parameter.
```
# /opt/oracle.cellos/host_access_control password-policy --PASS_MAX_DAYS 60
```
- Change the minimum password lifetime parameter.
```
# /opt/oracle.cellos/host_access_control password-policy --PASS_MIN_DAYS 1
```
- Change the minimum password length parameter.
```
# /opt/oracle.cellos/host_access_control password-policy --PASS_MIN_LEN 15
```
- Change the password expiration warning parameter.
```
# /opt/oracle.cellos/host_access_control password-policy --PASS_WARN_AGE 7
```

To verify the settings, repeat Step 2.