Root password detection prevents users from selecting an unsafe root password and adding incremental numbers of symbols.
When enabled, the root password feature strips trailing or prepended numbers and symbols to determine the "root" and then evaluates whether the root is compromised or commonly used.
For example:
A password Blackberry1234!!! has a root password of Blackberry, which is commonly used and previously compromised and would therefore fail this policy.
To enable root password detection, go to Monitoring Policies > Password Policies and select "Screen root passwords."
Organizations enabling this feature may find it helpful to train users to use multiple word passphrases.
To evaluate this feature or determine why a particular password fails policy, use the Test Page.