6.4.14 Setting password criteria
You can set password criteria (such as a minimum length and complexity requirements) in a security definition file (security.conf).
After setting password criteria, the system administrator should direct all users to immediately change their passwords.
The new password criteria apply when you add a new user or change the password of an existing user. Because the new criteria do not apply to existing passwords, existing users will be able to log in to the JP1/AO system using passwords that do not meet the criteria. The new password criteria do not apply system-wide until all users have changed their passwords to ones that satisfy the new criteria.
In a cluster system, make sure to specify the same criteria on the active and standby servers.