You can view or change the authentication policy settings through the CLI.

You can view or set the minimum password length with the following commands:

get auth-policy minimum-password-length
set auth-policy minimum-password-length <password-length>

The following commands apply to logging in to the NSX Manager UI, or making an API call:

get auth-policy api lockout-period
get auth-policy api lockout-reset-period
get auth-policy api max-auth-failures
set auth-policy api lockout-period <lockout-period>
set auth-policy api lockout-reset-period <lockout-reset-period>
set auth-policy api max-auth-failures <auth-failures>

The following commands apply to logging in to the CLI on an NSX Manager, NSX Controller, or an NSX Edge node:

get auth-policy cli lockout-period
get auth-policy cli max-auth-failures
set auth-policy cli lockout-period <lockout-period>
set auth-policy cli max-auth-failures <auth-failures>

For more information about the CLI commands, see the NSX-T Command-Line Interface Reference.

By default, after five consecutive failed attempts to log in to the NSX Manager UI, the administrator account is locked for 15 minutes. You can disable account lockout with the following command:

set auth-policy api lockout-period 0

Similarly, you can disable account lockout for the CLI with the following command:

set auth-policy cli lockout-period 0