FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
jngouo_FTNT
Staff
Staff
Article Id 195087

Description


The purpose of this article is to configure a password policy in the FortiManager and install it on a managed FortiGate.


Solution


In the case of Password Policy configuration, use the CLI-Only objects section, a section normally used to cover configuration handled only via the CLI in FortiOS.

From Device Manager -> All FortiGates, access the FortiGate dashboard of the FortiGate to be configured.

From the Menu, select CLI Only Objects.

Go to System -> Password-policy and configure the parameters that need to be enforce as follows:

apply-to [admin-password |ipsec-preshared-key] -------Select where the policy applies: administrator passwords or IPSec preshared keys.

change-4-characters {enable | disable}---------------------Enable to require the new password to differ from the old password by at least four characters.

expire <days> ------------------------------------- Set time to expiry in days. Enter 0 for no expiry

minimum-length <chars>------------------------ Set the minimum length of password in characters. Range 8 to 32.

min-lower-case-letter<num_int>--------------- Enter the minimum number of required lower case letters in every password.

min-upper-case-letter<num_int>-------------- Enter the minimum number of required upper case letters in every password.

min-non-alphanumeric <num_int>------------ Enter the minimum number of required nonalphanumeric characters in every password.

min-number<num_int> -------------------------- Enter the minimum number of number characters required in every password.

expire-status{enable | disable}----------------- Enable to have passwords expire.

expire-day <num_int>---------------------------- Enter the number of days before the current password is expired and the user will be required to change their password.  This option is available only when expire-status is set to enable.                                                                              
status {enable | disable}------------------------- Enable password policy.

 Select Apply to save the configuration.


 Select the Install wizard to install the settings to the FortiGate.

Contributors