Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Flex Scale Administrator's Guide
  3. NetBackup Flex Scale security
  4. STIG overview for NetBackup Flex Scale
  5. STIG-compliant password policy rules
NetBackup™ Flex Scale Administrator's Guide

STIG-compliant password policy rules

To comply with the Security Technical Implementation Guide (STIG), NetBackup Flex Scale automatically enforces a higher security password policy when the STIG option is enabled. After the STIG option is enabled, all current user passwords that were created under the default policy remain valid. When you change any user passwords, the STIG-compliant policy rules must be followed.

The STIG-compliant password policy rules are listed below:

Password complexity

  • Minimum characters: 15

  • Minimum numbers: 1

  • Minimum lowercase characters: 1

  • Minimum uppercase characters: 1

  • Minimum special characters: 1

    The permitted special characters are: ~!@#$%^&_+ - =[]{},.<>¦

  • Minimum character classes: 4

  • Maximum consecutive repeating characters: 2

  • Maximum consecutive repeating characters of the same type: 4

  • Minimum number of different characters: 8

  • No whitespaces.

  • Dictionary words are not allowed

Password age

  • Days after which a password expires: 60

  • Minimum days before a password can be changed: 1

  • Days before a password must be changed: 60

  • The previous seven passwords cannot be reused.

Password lockout

  • Number of incorrect login attempts before lockout: 3

  • Time before locked account is reenabled (seconds): 604800

  • Time between login failures before account lockout (seconds): 900

Feedback

Was this page helpful?
Previous

STIG overview for NetBackup Flex Scale

Next

Enabling STIG for NetBackup Flex Scale

Feedback

Was this page helpful?