20 Security GuideNOTE: Please be aware that Xerox Customer Support Personnelmust have access to the new root password for service andsupport. It is the customer's responsibility to ensure that the rootand system administrator passwords are available for them.Strong PasswordsThe Xerox FreeFlow Print Server provides additional security forusers required to adhere to strict security guidelines. It provides ameans in which a strong password policy can be enforced.Strong Passwords can be Enabled and Disabled (default setting)via the Password Policies window.Strong passwords must consist of ALL of the following• A minimum of 8 characters in length• Contain at least one capital letter• Contain at least one number• Contain at least one special character {!, @, #, $, %, ^, &, *},including open and close parentheses { ( ) }, hyphen{ - },underscore{ _ }, and period{ . }.NOTE: The strong password requirements cannot be modified. Astrong password cannot be set for root or any other Solaris useraccounts that are not created by the Xerox FreeFlow Print Server.NOTE: Remote Network Server: If running NIS+ name service,strong passwords would be enforced via the NIS + server.This policy can be set by using the -a <# of allowed attempts>argument with rpc.nispasswdd. For example, to limit users to nomore than four attempts (the default is 3), you would type:rpc.nispasswd -a 4.How to Enable/Disable Strong Password• From the Setup menu select [Users and Groups]• From the Policies drop down menu select [Password]• Enable/Disable Strong Password from the Password Policieswindow. The default setting is “Disable”.Login Attempts AllowedThe Xerox FreeFlow Print Server has provided a means to lockoutusers after reaching the maximum number of consecutiveattempts. Once this is done, the user will need to apply (reset) asecurity policy and reboot the system.The number of failed attempts and enable/disable is configurablevia the Password Policy screen. When enabled, login attemptscan be set from 1-6 attempts before the user is locked out. This