Password Strength
The default username/password is cisco/cisco. The first time that you log in with the default username and password, you are required to enter a new password. Password complexity is enabled by default. If the password that you choose is not complex enough (Password Complexity Settings are enabled in the Password Strength page), you are prompted to create another password.
See
User Accounts on how to create a user account.
Since passwords are used to authenticate users accessing the device, simple passwords are potential security hazards. Therefore, password complexity requirements are enforced by default and may be configured as necessary.
To define password complexity rules:
STEP 1 Click Security > Password Strength.
STEP 2 Enter the following aging parameters for passwords:
• Password Aging—If selected, the user is prompted to change the password when the Password Aging Time expires.
• Password Aging Time—Enter the number of days that can elapse before the user is prompted to change the password.
NOTE Password aging also applies to zero-length passwords (no password).
STEP 3 Select Password Complexity Settings to enable complexity rules for passwords.
If password complexity is enabled, new passwords must conform to the following default settings:
• Have a minimum length of eight characters.
• Contain characters from at least three character classes (uppercase letters, lowercase letters, numbers, and special characters available on a standard keyboard).
• Are different from the current password.
• Contain no character that is repeated more than three times consecutively.
• Do not repeat or reverse the users name or any variant reached by changing the case of the characters.
• Do not repeat or reverse the manufacturers name or any variant reached by changing the case of the characters.
STEP 4 If the Password Complexity Settings are enabled, the following parameters may be configured:
• Minimal Password Length—Enter the minimal number of characters required for passwords.
NOTE A zero-length password (no password) is allowed, and can still have password aging assigned to it.
• Allowed Character Repetition—Enter the number of times that a character can be repeated.
• Minimal Number of Character Classes—Enter the number of character classes which must be present in a password. Character classes are lower case (1), upper case (2), digits (3), and symbols or special characters (4).
• The New Password Must Be Different than the Current One—If selected, the new password cannot be the same as the current password upon a password change.
STEP 5 Click Apply. The password settings are written to the Running Configuration file.
NOTE Configuring the username-password equivalence, and manufacturer-password equivalence may be done through the CLI. See the CLI Reference Guide for further instruction.