1 files changed, 33 insertions, 0 deletions

diff --git a/xyz/openbmc_project/User/AccountPolicy.interface.yaml b/xyz/openbmc_project/User/AccountPolicy.interface.yaml
new file mode 100644
index 0000000..9397f4b
--- /dev/null
+++ b/xyz/openbmc_project/User/AccountPolicy.interface.yaml
@@ -0,0 +1,33 @@
+description: >
+    Provides global user account policy related management.
+
+properties:
+    - name: MaxLoginAttemptBeforeLockout
+      type: uint16
+      description: >
+          Configures the maximum permissible attempt before locking
+          out the user. Value of 0 indicates that account lockout
+          feature is disabled.
+
+    - name: AccountUnlockTimeout
+      type: uint32
+      description: >
+          Configures timeout needed (in seconds) to unlock the account
+          after a lockout. Value of 0 indicates that account must be
+          unlocked manually.
+
+    - name: MinPasswordLength
+      type: byte
+      description: >
+          Configures the minimum password length. Minimum password length
+          specified in build time is marked as default value. This property
+          cannot be configured below the build time default value but can be
+          set to higher one for security reasons.
+
+    - name: RememberOldPasswordTimes
+      type: byte
+      description: >
+          Configures the number of times old password shouldn't be allowed
+          when trying to update new password. Value of 0 (by default) indicates
+          this feature is not enforced.
+# vim: tabstop=8 expandtab shiftwidth=4 softtabstop=4