Bug ID 1552921: Password policy option reject-username set to false has no effect

Last Modified: Aug 01, 2024

Affected Product(s):
F5OS F5OS-A, F5OS-C(all modules)

Known Affected Versions:
F5OS-A 1.7.0

Opened: Feb 28, 2024

Severity: 3-Major

Symptoms

When the administrator configures 'system aaa password-policy config reject-username false', F5OS will still reject passwords that contain the username.

Impact

When a user tries to set or change a password containing their username in any part of the password, F5OS will reject that password.

Conditions

System aaa password-policy config reject-username is set to false

Workaround

Do not use passwords that contain the username.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips