Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Configuring Local Authentication
The local database consists of a list of guest and employee users. All users are authenticated by their username and password against the local user database. You must configure password complexity and lockout conditions for local user accounts.
To configure local authentication, complete the following steps:
- In the HPE GreenLake account home page, click .
The Manage Account page is displayed.
-
Click the Authentication card.
The Authentication page is displayed by default.
-
Click the Local Authentication tab.
-
Configure the following parameters:
- Password complexity—Define the minimum length and mandatory characters for the password. By default, the minimum password length is set to 8 characters and the maximum length is 72 characters.
You can use @, $, #, !, %, ^, &, *, ~, {, }, (, ), \, ', ;, :, <, and > as special characters in the password.
Select the following complexity parameter(s) to be used in the password:
For example, if Uppercase and Symbols are selected. Then, it indicates that the password must contain an uppercase character and a supported symbol in the password.
Lowercase
Uppercase
Numerals
Symbols
When Symbols option is selected, the Permitted Symbols text box is displayed. Specify the symbols (comma seperated) that are to be mandatory in the password. For example, if @ and # are specified. Then, it indicates that the password must contain @ or # symbol.
-
Change password upon next login—This option appears only when an edit is made on the Local Authentication tab. Enable the toggle switch to force the users to reset the password upon the next log in to the system.
Upon enabling the Change password upon next login option, all the connected users are immediately disconnected and required to reset their password with the new complexity.
-
Lockout & Expiration—Configure the following lockout requirements:
-
Lockout After Failed Attempts—Enable the toggle switch to activate lockout and expiration requirements.
-
Failed Attempts Limit—Specify the number of failed attempts after which the account must be locked out. For example, if it is set to 2. The account is locked after 2 failed attempts to log in. By default, the attempts must be between minimum 1 and maximum 20.
-
Failed Attempts Lockout Time—Specify the number of minutes of the lockout. For example, if it is set to 10 minutes. The account is locked for 10 minutes and does not allow the user to log in even with the correct password for 10 minutes. By default, the minutes must be between minimum 1 and maximum 120.
-
Inactive Account Lockout—Specify the number of days for an inactive account lockout. For example, if it is set to 30 days. It indicates that if the user did not log in to the account for 30 days, then the account is locked after 30 days. By default, the days must be between minimum 30 and maximum 365.
-
Password Expiration—Specify the number of days for password expiration.
-
- Password complexity—Define the minimum length and mandatory characters for the password. By default, the minimum password length is set to 8 characters and the maximum length is 72 characters.
-
Click Save Changes.
The confirmation window is displayed and all active users linked to the customer account are logged out from the session. Upon logging in, the user is prompted to change the password adhering to the new password complexity parameters.
Figure 1 Confirmation Window
Figure 2 Reset Password Prompt with New Complexity Requirements
