Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Plain-Text Passwords

Changing the Requirements for Junos OS Plain-Text Passwords

For plain-text password requirements, see Special Requirements for Junos OS Plain-Text Passwords.

To change the requirements for plain-text passwords, include the password statement at the [edit system login] hierarchy level:


These statements apply to plain-text passwords only, not encrypted passwords.

Example: Changing the Requirements for Junos OS Plain-Text Passwords

This example shows how to set various maximum and minimum requirements for plain-text passwords to increase password strength.


This example requires a device running Junos 12.2 or greater. The minimum-length and maximum-length password requirements statements are available in earlier releases, however, you must have Junos OS Release 12.2 or greater to configure minimum-lower-cases, minimum-numerics, minimum-punctuations, or minimum-upper-cases.


You can use a variety of requirements to strengthen plain-text passwords for greater security. Junos OS provides a number of possible configurations at the [edit system login password] hierarchy level that allow you to require users to create plain-text passwords that conform to a particular set of requirements that may include such things as length, number of changes, type of characters, numbers, or letter case.


CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.

Configuring Requirements for Plain-Text Passwords

Step-by-Step Procedure

This example configures password requirements that require the user to creat a password that has a minimum length of 12 characters, a maximum length of 22 characters, and that includes at least one lower-case letter, at least one upper-case letter, at least one punctuation character, and at least one numeric character.

  1. Navigate to configuration mode in the [system login password] hierarchy level.

  2. Set a minimum length requirement of 12 characters and a maximum length requirement of 22 characters for user passwords.

  3. Require users to set a password that has at least one lower-case letter and at least one upper-case letter.

  4. Require users to set a password that has at least one punctuation-class character and at least one number.


From configuration mode, confirm your configuration by entering the show command at the edit system login password hierarchy level. if the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.