The vCenter Single Sign-On password policy is a set of rules and restrictions on the format and expiration of vCenter Single Sign-On user passwords. The password policy applies only to users in the vCenter Single Sign-On domain (vsphere.local).

By default, vCenter Single Sign-On passwords expire after 90 days. The vSphere Web Client reminds you when your password is about to expire.

1

Log in to the vSphere Web Client as administrator@vsphere.local or as another user with vCenter Single Sign-On administrator privileges.

Users with vCenter Single Sign-On administrator privileges are in the Administrators group in the vsphere.local domain.

2

Browse to Administration > Single Sign-On > Configuration.

3

Click the Policies tab and select Password Policies.

4

Click Edit.

5

Edit the password policy parameters.

Option

Description

Description

Password policy description.

Maximum lifetime

Maximum number of days that a password can exist before the user must change it.

Restrict reuse

Number of the user's previous passwords that cannot be selected. For example, if a user cannot reuse any of the last six passwords, type 6.

Maximum length

Maximum number of characters that are allowed in the password.

Minimum length

Minimum number of characters required in the password. The minimum length must be no less than the combined minimum of alphabetic, numeric, and special character requirements.

Character requirements

Minimum number of different character types that are required in the password. You can specify the number of each type of character, as follows:

Special: & # %

Alphabetic: A b c D

Uppercase: A B C

Lowercase: a b c

Numeric: 1 2 3

The minimum number of alphabetic characters must be no less than the combined uppercase and lowercase requirements.

In vSphere 6.0 and later, non-ASCII characters are supported in passwords. In earlier versions of vCenter Single Sign-On, limitations on supported characters exist.

Identical adjacent characters

Maximum number of identical adjacent characters that are allowed in the password. The number must be greater than 0. For example, if you enter 1, the following password is not allowed: p@$$word.

6

Click OK.