Cisco Cisco Expressway Maintenance Manual
■
Avoid dictionary words, or reversed dictionary words
■
Avoid palindromes, such as "risetovotesir"
Configurable rules for strict passwords
The following properties of the password policy can be configured:
■
Length must be at least 6 ASCII characters, but can be up to 255 (default 15)
■
Number of numeric digits [0-9] may be between 0 and 255 (default 2)
■
Number of uppercase letters [A-Z] may be between 0 and 255 (default 2)
■
Number of lowercase letters [a-z] may be between 0 and 255 (default 2)
■
Number of special characters [printable characters from 7-bit ASCII, eg. (space), @, $ etc.)] may be between
0 and 255 (default 2)
0 and 255 (default 2)
■
Number of consecutive repeated characters allowed may be between 1 and 255 (the default 0 disables the
check, so consecutive repeated characters are allowed by default; set it to 1 to prevent a password from
containing any consecutive repeats)
check, so consecutive repeated characters are allowed by default; set it to 1 to prevent a password from
containing any consecutive repeats)
■
The minimum number of character classes may be between 0 and 4 (the default 0 disables the check).
Character classes are digits, lowercase letters, uppercase letters, and special characters.
Character classes are digits, lowercase letters, uppercase letters, and special characters.
Note:
You may experience precedence effects between the required number of character classes and the
number of characters per class.
For example, if you leave the default requirements of 2 characters of each class, there is an implied rule that 4
character classes are required. In this case, any setting of Minimum number of character classes is
irrelevant.
character classes are required. In this case, any setting of Minimum number of character classes is
irrelevant.
For another example, if you set the minimum number of character classes to 2, and set the minimum number of
characters required from each class to 0, then a password that contains characters from any two of the
classes will suffice (presuming it meets all the other criteria as well).
characters required from each class to 0, then a password that contains characters from any two of the
classes will suffice (presuming it meets all the other criteria as well).
Configuring Administrator Accounts
The Administrator accounts page (Users > Administrator accounts) lists all the local administrator accounts on the
Expressway.
Expressway.
In general, local administrator accounts are used to access the Expressway on its web interface or API interface, but
are not permitted to access the CLI.
are not permitted to access the CLI.
On this page you can:
■
Create a new administrator account
■
Change an administrator password
■
Change the access level of an account: Read-write, Read-only, or Auditor
■
Change the access scope of an account: Web access, API access, or both
■
Delete, enable, or disable individual or multiple administrator accounts
Editing administrator account details
You can edit the details for the default administrator account and for additional local administrator accounts.
Go to Users > Administrator accounts. Under Actions for the relevant administrator account, click Edit user.
A new page is displayed, where you can edit all fields for the selected administrator account except for the
password. To change the password, see below.
password. To change the password, see below.
About the "admin" account
This default local administrator account has full Read-write access and can access the Expressway using the web
180
Cisco Expressway Administrator Guide
User Accounts