ComplianceAsCode / redhat-identity-management


IA-5(1)(a) Minimum password complexity (upper/lower/special/etc) #74

Open shawndwells opened 6 years ago

shawndwells commented 6 years ago

http://ssptool.securitycentral.io/certifications/FedRAMP-low/NIST-800-53/IA-5%20(1)

(1)(a). Enforces minimum password complexity of [Assignment: organization-defined requirements for case sensitivity, number of characters, mix of upper-case letters, lower-case letters, numbers, and special characters, including minimum requirements for each type];

Note the "for each type"... IdM should support different password policies by group membership. AKA, admins have stronger passwords than general users.

redhatrises commented 6 years ago

Per dpal:

In IdM, minimum password complexity can be set as a global, per-account, or per-group-of-accounts policy. The complexity defines how many groups of characters must be present in the password. This can be done via the UI or CLI. The global policy is the default one, which can be overwritten by a specific group policy, while a policy set on the account trumps them all.
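
The precedence described in the comment above (account over group over global), as an added Python model that is not part of the thread and not IdM's own code. The four character groups are taken from the IA-5(1)(a) text; the `Policy` fields, the lowest-number-wins `priority` tie-break between group policies, and all sample names and values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    name: str
    min_length: int
    min_classes: int   # how many character groups must be present
    priority: int = 0  # assumption: lowest number wins among group policies

def char_classes(password):
    """Return which of the four IA-5(1)(a) character groups appear."""
    found = set()
    for ch in password:
        if ch.isupper():
            found.add("upper")
        elif ch.islower():
            found.add("lower")
        elif ch.isdigit():
            found.add("digit")
        else:
            found.add("special")
    return found

def effective_policy(user, groups, global_policy, group_policies, account_policies):
    """Account policy trumps group policy, which overrides the global default."""
    if user in account_policies:
        return account_policies[user]
    candidates = [group_policies[g] for g in groups if g in group_policies]
    if candidates:
        return min(candidates, key=lambda p: p.priority)
    return global_policy

def check_password(password, policy):
    """Return a list of violations; an empty list means compliant."""
    problems = []
    if len(password) < policy.min_length:
        problems.append(f"length {len(password)} < {policy.min_length}")
    present = char_classes(password)
    if len(present) < policy.min_classes:
        problems.append(f"{len(present)} character classes < {policy.min_classes}")
    return problems

# Constructed sample policies: admins get a stronger policy than general users.
GLOBAL = Policy("global", min_length=8, min_classes=2)
GROUP_POLICIES = {
    "admins": Policy("admins", min_length=15, min_classes=4, priority=10),
    "helpdesk": Policy("helpdesk", min_length=12, min_classes=3, priority=20),
}
ACCOUNT_POLICIES = {"svc-backup": Policy("svc-backup", min_length=20, min_classes=4)}
```

The same password can pass the global policy and fail the admins policy, which is the "for each type" distinction the issue asks IdM to enforce.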