Data ONTAP provides several methods you can use to ensure the password policies for your storage systems meet your company's security requirements.
Password rules enable you to specify rules for valid passwords. You use the security.passwd.rules options to specify password rules. For more information, see the na_options(1) man page.
Password history enables you to require users to rotate through a specified number of passwords, rather than simply using the same password every time. You use the security.passwd.rules.history option to specify password history. The default value is 0, which does not enforce this rule. For more information, see the na_options(1) man page.
Password lockout enables you to lock users out after a specified number of unsuccessful login attempts. This is to prevent an unauthorized user from attempting to guess a password. You use the security.passwd.lockout.numtries option to specify password lockout. The default value is 0, which does not enforce this rule. For more information, see the na_options(1) man page.
The password reset requirement enables you to require that all new users (except for root) reset their passwords when they log in for the first time. Users must also reset their passwords the first time they log in after another user has changed their password.
You set the security.passwd.firstlogin.enable option to on to enable this requirement. The default value is off.
For more information, see the na_options(1) man page.