Information
Password profiles that are weaker than the recommended minimum password complexity settings must not exist.
Rationale:
As password profiles override any 'Minimum Password Complexity' settings defined in the device, they generally should not exist. If these password profiles do exist, they should enforce stronger password policies than what is set in the 'Minimum Password Complexity' settings.
Solution
Navigate to Device > Password Profiles.
Ensure Password Profiles weaker than the recommended minimum password complexity settings do not exist.
Default Value:
Not configured
References:
'PAN-OS Administrator's Guide 9.0 (English) - Best Practices for Securing Administrative Access' - https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html