Skip to main content
commvault.com commvault.com
Solved

Impact of changing the Password complexity level

  • January 17, 2023
  • 5 replies
  • 1735 views
Gaetano
Byte
Forum|alt.badge.img+8

Dear all,

our Health Report recommends to change the Password Complexity Level from 2 to 3. Once changed, will there be any impact on the current operations in the sense that any job will stop working due to a non-satisfactory password? Is there any way to know which users will be impacted?

 

Sorry if this question sounds a bit dummy

Have a nice day

Gaetano

Best answer by Sean Crifasi

Hi @Gaetano,

I did a quick test in my lab this morning to confirm for you. In summary, increasing the complexity only impacts new password changes or new account creations not existing users passwords (which is a good thing in my opinion!).

For clarification up front, password complexity level 2 is default even if the setting isn’t in place.

  • I created a new user with a password meeting complexity for level 2 (at least eight characters, one uppercase letter, one lowercase letter, one number, and one special character.)
  • Gave the user some basic permissions and confirmed logon is fine
  • Now I set the complexity to 3 and cycled the Commserve services as required
  • I confirmed my test account logon is still successful with no change
  • However If I want to change the password now I can’t use something similar to before I have to meet the new complexity requirement 
  • Complexity level 3 (minimum of twelve characters. It must be a combination of at least two uppercase letters, two lowercase letters, two numbers, and two special characters.)
  • Same was true for attempting to create a new account now

 

Let me know if you have any additional questions regarding this!

Kind Regards,
Sean

View original
Did this answer your question?

5 replies

Sean Crifasi
Vaulter
Forum|alt.badge.img+9
  • Sean CrifasiVaulter
  • Vaulter
  • 98 replies
  • Answer
  • January 17, 2023

Hi @Gaetano,

I did a quick test in my lab this morning to confirm for you. In summary, increasing the complexity only impacts new password changes or new account creations not existing users passwords (which is a good thing in my opinion!).

For clarification up front, password complexity level 2 is default even if the setting isn’t in place.

  • I created a new user with a password meeting complexity for level 2 (at least eight characters, one uppercase letter, one lowercase letter, one number, and one special character.)
  • Gave the user some basic permissions and confirmed logon is fine
  • Now I set the complexity to 3 and cycled the Commserve services as required
  • I confirmed my test account logon is still successful with no change
  • However If I want to change the password now I can’t use something similar to before I have to meet the new complexity requirement 
  • Complexity level 3 (minimum of twelve characters. It must be a combination of at least two uppercase letters, two lowercase letters, two numbers, and two special characters.)
  • Same was true for attempting to create a new account now

 

Let me know if you have any additional questions regarding this!

Kind Regards,
Sean

V
1 person likes this
  • V
    Vignesh.b
Gaetano
Byte
Forum|alt.badge.img+8
  • Gaetano
  • Author
  • Byte
  • 61 replies
  • January 17, 2023
Sean Crifasi wrote:

Hi @Gaetano,

I did a quick test in my lab this morning to confirm for you. In summary, increasing the complexity only impacts new password changes or new account creations not existing users passwords (which is a good thing in my opinion!).

For clarification up front, password complexity level 2 is default even if the setting isn’t in place.

  • I created a new user with a password meeting complexity for level 2 (at least eight characters, one uppercase letter, one lowercase letter, one number, and one special character.)
  • Gave the user some basic permissions and confirmed logon is fine
  • Now I set the complexity to 3 and cycled the Commserve services as required
  • I confirmed my test account logon is still successful with no change
  • However If I want to change the password now I can’t use something similar to before I have to meet the new complexity requirement 
  • Complexity level 3 (minimum of twelve characters. It must be a combination of at least two uppercase letters, two lowercase letters, two numbers, and two special characters.)
  • Same was true for attempting to create a new account now

 

Let me know if you have any additional questions regarding this!

Kind Regards,
Sean

Hi @Sean Crifasi ,

thank you so much for your detailed explanation and for the test, it is exactly what I needed to make the recommended change with confidence.

Have a nice day!

Gaetano

Sean Crifasi
1 person likes this
  • Sean Crifasi
    Sean Crifasi
S
Bit
Forum|alt.badge.img

Hi, 

 

I was to setup password complexity level 3 for my Commvault environment. can anyone suggest where from it can be done? 

 

Thanks & Regards

Sanjay Kumar

 

Sean Crifasi
Vaulter
Forum|alt.badge.img+9

@Sanjay Kumar 

please see the below doc
https://documentation.commvault.com/2022e/expert/8091_setting_strength_requirements_for_user_passwords.html

S
V
2 people like this
  • S
    Sanjay Kumar
  • V
    Vignesh.b
S
Bit
Forum|alt.badge.img

Thank you so much!  @Sean Crifasi 

Reply


Most helpful members this week

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings