Cisco Headend System Release 2.7 Installation Guide

 

146 

78-4036705-01 Rev D 

Regardless of password management rules enforced by a system, users must still be 
encouraged to choose difficult to guess passwords. Proper system management of 
passwords is important but the primary responsibility for strong passwords 
ultimately rests with the user. 

Users must select a very strong password. Strong passwords have the following 
general characteristics: 

 

Contain 8 or more characters 

 

Contain at least 2 alphanumeric characters and at least one numeric or special 
character 

 

Do not consist of only one character type (aaaaaaa or 11111111) 

 

Do not contain any aspects of a date 

 

Are not proper names  

 

Are not telephone numbers or similar numeric groups 

 

Are not user IDs, user names, group IDs, or other system identifiers 

 

Do not contain more than two (2) consecutive occurrences of the same character 

 

Are not consecutive keyboard patterns (for example, qwerty) 

 

The system sets the following restrictions on re-using passwords: 

 

The system retains the last 5 passwords each user uses. 

 

The system does not allow you to re-use any of the last 5 passwords each user 
has used. 

 

We recommend that you change the default passwords for the root and for the dtacs 
role at a minimum to increase the security level on the DTACS. Our 
recommendations for other account passwords are as follows: 

 

informix account: Changing the informix account password is not necessary 
since this account is locked by default. 

 

dtacsSSH account: Changing the dtacsSSH account password is not necessary 
since this user is not directly used by an operator, and the default password is 
either not known or documented.