Details
After enabling strong password (enableall / enablelocal – not included in exclude list), all the passwords / sensitive information must have – Atleast 1 Lower case character, Atleast 1 Upper case character, Atleast 1 numeric character, Atleast 1 special character ( ~, `, !, @, #, $, %, ^, ;, *, -, _, =, +, {, }, [, ], |, , :, <, >, /, ., ,, ” “). Exclude list in case of enablelocal is – NS_FIPS, NS_CRL, NS_RSAKEY, NS_PKCS12, NS_PKCS8, NS_LDAP, NS_TACACS, NS_TACACSACTION, NS_RADIUS, NS_RADIUSACTION, NS_ENCRYPTION_PARAMS. So no Strong Password checks will be performed on these ObjectType commands for enablelocal case.
Solution
Configuration > System > Settings > Change Global System Settings > Password
Update the value to Enable All or Enable Local.
Default value: disabled
Possible values = enableall, enablelocal, disabled
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Citrix_Application_Delivery.