Restrictions for Controlling Switch Access with Passwords and Privileges
The following are the restrictions for controlling switch access with passwords and privileges:
-
Disabling password recovery will not work if you have set the switch to boot up manually by using the boot manual global configuration command. This command produces the boot loader prompt (switch:) after the switch is power cycled.
Restrictions and Guidelines for Reversible Password Types
-
Password type 0 and type 7 are deprecated. So password type 0 and type 7, used for administrator login to Console, Telnet, SSH, webUI, and NETCONF, must be migrated to password type 8 or type 9.
-
No action is required if username and password are type 0 and type 7 for local authentication such as CHAP, EAP and so on for ISG and Dot1x.
-
Enable password type 0 and type 7 must be migrated to password type 8 or type 9.
-
Type 6 encrypted password is supported for username and password. Auto-conversion of password type 0 and password type 7 to password type 6 is also supported.
Restrictions and Guidelines for Irreversible Password Types
-
Password type 5 is deprecated. Password type 5 must be migrated to stronger password type 8 or type 9.
-
For username secret password type 5 and for enable secret password type 5, migrate to type 8 or type 9.
-
Plain text passwords are converted to non-reversible encrypted password type 9.
-
Secret password type 4 is not supported.