104Configuring password controlOverviewPassword control refers to a set of functions provided by the device to manage login and super passwordsetup, expirations, and updates for device management users, and to control user login status based onpredefined policies.Local users are divided into two types: device management users and network access users. This featureapplies only to device management users. For more information about local users, see "ConfiguringAAA."Password settingMinimum password lengthYou can define the minimum length of user passwords. If a user enters a password that is shorter than theminimum length, the system rejects the password.Password composition policyA password can be a combination of characters from the following types:• Uppercase letters A to Z.• Lowercase letters a to z.• Digits 0 to 9.• Special characters. For information about special characters, see the password-control compositioncommand in Security Command Reference.Depending on the system's security requirements, you can set the minimum number of character types apassword must contain and the minimum number of characters for each type as shown in Table 7.Table 7 Password composition policyPassword combinationlevelMinimum number ofcharacter typesMinimum number of characters foreach typeLevel 1 One OneLevel 2 Two OneLevel 3 Three OneLevel 4 Four OneIn non-FIPS mode, all the combination levels are available for a password. In FIPS mode, only the level4 combination is available for a password.When a user sets or changes a password, the system checks if the password meets the combinationrequirement. If the password does not meet the requirement, the operation fails.