For password composition policies in PAM is there any risk that an update of the minimum password length could cause issues for existing accounts in PAM that have password lengths below the new minimum.

Release : 3.4.x, 4.0.x

Component : PRIVILEGED ACCESS MANAGEMENT

The change in the Password complexity only has a role to play with respect to the user accounts that are created locally in CA PAM, these users can login to CA PAM.

• There will not be any negative impact with the change in the minimum password length setting.
• The existing logged-in users will not be impacted, their login session will not be disconnected.
• The change will be effective for a new login session.
• If any user's existing password is equal to or greater than the new minimum password length these users will be able to login and would not be prompted to change the password.
• The users whose current password length is less than the new minimum password length, these users would be prompted to change their password upon login.
• The change in the password length is immediate, this does not need a reboot of CA PAM. 

The Settings, Global Settings page contains options that let you customize functions for all Users and Devices. The tabs allow customization of global user policies, such as passwords and access methods