Chapter 9: Security Management224Strong PasswordsStrong passwords provide more secure local authentication for thesystem. Using strong passwords, you can specify the format of valid KXII local passwords such as minimum and maximum length, requiredcharacters, and password history retention.Strong passwords require user-created passwords to have a minimum of8 characters with at least one alphabetical character and onenonalphabetical character (punctuation character or number). In addition,the first four characters of the password and the user name cannotmatch.When selected, strong password rules are enforced. Users withpasswords not meeting strong password criteria will automatically berequired to change their password on their next login. When deselected,only the standard format validation is enforced. When selected, thefollowing fields are enabled and required:Field DescriptionMinimum length of strongpasswordPasswords must be at least 8characters long. The default is 8, butadministrators can change the minimumto 63 characters.Maximum length of strongpasswordThe default minimum length is 8, butadministrators can set the maximum toa default of 16 characters. Themaximum length of strong passwords is63 characters.Enforce at least one lowercase characterWhen checked, at least one lower casecharacter is required in the password.Enforce at least one uppercase characterWhen checked, at least one upper casecharacter is required in the password.Enforce at least onenumeric characterWhen checked, at least one numericcharacter is required in the password.Enforce at least oneprintable special characterWhen checked, at least one specialcharacter (printable) is required in thepassword.Number of restrictedpasswords based on historyThis field represents the passwordhistory depth. That is, the number ofprior passwords that cannot berepeated. The range is 1-12 and thedefault is 5.