Details
Device administrators can specify a minimum password length that can be used to reduce the probability that management user passwords can be brute-forced to gain access to devices.
Solution
To require a minimum password length of 12 characters:
switch(config)# aaa authentication minimum-password-length 12
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system ArubaOS.