PreviousNext

ANIXIS Web Site

Password Policy Enforcer

Character Rules

PPE has six Character rules that reject passwords if they contain, or do not contain certain characters. These rules can increase password strength, or ensure password compatibility with other systems.

The six Character rules are identical, but they each have their own default character set. A character set is the collection of characters that each rule searches for when checking a password. The six rules, and their default character sets are:

Rule
Default character set
Alpha Lower    
Lowercase alphabetic (a - z)
Alpha Upper
Uppercase alphabetic (A - Z)
Alpha
Uppercase and lowercase alphabetic (a - z & A - Z)
Numeric
Numerals (0 - 9)
Special
All characters not included above
High
All characters above ANSI 126


Select the Enabled check box to enable the Character rule.

Select the contain option if this rule should ensure that new passwords contain certain characters. Only one character is required by default, but you can specify a different value by choosing the required number of characters from the drop-down list beside the contain option.

Select the not contain any... option if this rule should ensure that new passwords do not contain certain characters.

If you want to restrict this rule to certain character positions, then choose the starting position from the in position drop-down list, and the ending position from the to drop-down list. For example, you may want to define a rule that requires a numeric character in the second character position to maintain compatibility with some other system.

Select the Embedded check box if users are required to embed these characters within their passwords. For example, the passwords "12hello", "1hello", and "hello$987" do not contain any embedded numeric characters, but these passwords do contain embedded numeric characters (shown in bold type): "he7llo", "4he3llo", "23hello7$45". Embedded Numeric and Special characters help to protect passwords from hybrid cracking algorithms.

Type a character set name in the Name text box. The Password Policy Client displays the new name, but the PPE management console continues to display the original character set name.

Type some characters in the Characters text box if you would like to define a custom character set. For example, enter "AaEeIiOoUu" to create a vowel character set. If your custom character set contains a space character, then place the space character between two other characters.

Click the Messages tab to customize the Password Policy Client rule inserts for this rule.

The First Character, Last Character, and Complexity rules are easier to configure, and easier for users to understand. Use these rules instead of the Character rules if they can enforce your desired policy.

You can combine character rules to enforce complex requirements. For example, the images below show how to enforce the rule "passwords must contain a numeric character, but not in the first position".


Must contain numeric character

Not in the first position

© Copyright 1998 - 2011 ANIXIS.
All rights reserved.
PreviousNext