Configuring UAA Password Policy

Page last updated:

If your PAS deployment uses the internal user store for authentication, you can configure its password policy within the PAS tile.

Open the Internal UAA Configuration

To open the internal UAA configuration for your deployment:

  1. In a browser, navigate to the fully qualified domain name (FQDN) of your Ops Manager and log in.

  2. Click the PAS tile.

  3. Select Authentication and Enterprise SSO on the Settings tab.

    The page header says 'Authentication and Enterprise SSO'. Below this header is the text 'For help configuring these fields, see the Configure Authentication and Enterprise SSO section of the Configuring PAS topic in the PCF documentation,' with 'Configure Authentication and Enterprise SSO' in blue letters to denote a clickable link. Below this text is the text 'Configure your UAA user account store with either internal or external authentication mechanisms:', with a red asterisk to denote that it is a required field. Below this text is a selected radio button labeled 'Internal UAA'. Below this radio button are fields labeled, from top to bottom: 'Minimum password length', 'Minimum uppercase characters', 'Minimum lowercase characters', 'Minimum numerical digits', 'Minimum special characters', and 'Maximum password entry attempts allowed'. All of these fields are marked with red asterisks. All fields contain the text '0' except for 'Maximum password entry attempts allowed', which contains the text '5'. Below these fields are two more radio buttons labeled 'SAML identity provider' and 'LDAP server'. At the bottom of the image is a blue rectangular button labeled 'Save'.

  4. Confirm that the Internal UAA option is selected.

Set Password Requirements and Entry Attempts

To set password requirements and the maximum password entry attempts allowed:

  1. For Minimum password length, enter the minimum number of characters for a valid password.

  2. For Minimum uppercase characters, enter the minimum number of uppercase characters required for a valid password.

  3. For Minimum lowercase characters, enter the minimum number of lowercase characters required for a valid password.

  4. For Minimum numerical digits, enter the minimum number of digits required for a valid password.

  5. For Minimum special characters, enter the minimum number of special characters required for a valid password.

  6. For Maximum password entry attempts allowed, enter the maximum number of failures allowed to enter a password within a five-minute timespan before the account is locked.