With earlier version to manage password policies we have to edit /etc/pam.d/passwd file,

But with the vsphere 6 , once we open the file we can see below output.


Its saying we have to use esx host advanced configuration for that.


According to vmware now ESX password should be mix of characters from four character classes

  • Upper Case
  • Lower Case
  • Numbers
  • Special ($%#@#…..)

If our password starts with Uppercase cahracter , that does not count for the character classes used. Also the password , which ends with Number, does not count of character classes used.

Example passwords

aB%cL; This is a password which consist three classes(U case, L Case, Special)

Abkl$1 This is a password which consist three classes(L Case, Special,Numbers)- Upper case will not be count as a class here

aBK%%1dds This is a password which have all four classes

This is the default password policy in esx

retry=3 min=disabled,disabled,disabled,7,7

According to that we can’t use

Only one character class

Only two character classes

Two character classes and

pass phases

But we can use 7 characters from three classes & 7 characters from four classes.