194
Configuring password control
Overview
Password control allows you to implement the following features:
• Manage login and super password setup, expirations, and updates for device management users.
• Control user login status based on predefined policies.
Local users are divided into two types: device management users and network access users. This feature
applies only to device management users. For more information about local users, see "Configuring
AAA."
Password setting
Minimum password length
You can define the minimum length of user passwords. If a user enters a password that is shorter than the
minimum length, the system rejects the password.
Password composition policy
A password can be a combination of characters from the following types:
• Uppercase letters A to Z.
• Lowercase letters a to z.
• Digits 0 to 9.
• Special characters. For information about special characters, see the password-control composition
command in Security Command Reference.
Depending on the system's security requirements, you can set the minimum number of character types a
password must contain and the minimum number of characters for each type, as shown in Table 16.
Table 16 Password c
omposition policy
Password combination
level
Minimum number of
character t
es
Minimum number of characters for
each t
e
Level 1 One One
Level 2 Two One
Level 3 Three One
Level 4 Four One
In non-FIPS mode, all the combination levels are available for a password. In FIPS mode, only the level
4 combination is available for a password.
When a user sets or changes a password, the system checks if the password meets the combination
requirement. If not, the operation fails.
To Next Page
Loading...
Need help?
General