Cisco Cisco Email Security Appliance C650 Guía Del Usuario
32-20
Cisco AsyncOS 9.1 for Email User Guide
Chapter 32 Distributing Administrative Tasks
Passwords
Step 5
Submit and commit your changes.
What To Do Next
If you selected List of words to disallow in passwords, create and upload the described text file.
External Authentication
If you store user information in an LDAP or RADIUS directory on your network, you can configure your
Cisco appliance to use the external directory to authenticate users who log in to the appliance. To set up
the appliance to use an external directory for authentication, use the System Administration > Users page
in the GUI or the
Cisco appliance to use the external directory to authenticate users who log in to the appliance. To set up
the appliance to use an external directory for authentication, use the System Administration > Users page
in the GUI or the
userconfig
command and the
external
subcommand in the CLI.
Password Rules:
List of words to disallow in
passwords
passwords
You can create a list of words to disallow in passwords.
Make this file a text file with each forbidden word on a separate line.
Save the file with the name
Save the file with the name
forbidden_password_words.txt
and use
SCP or FTP to upload the file to the appliance.
If this restriction is selected but no word list is uploaded, this
restriction is ignored.
restriction is ignored.
Password Strength
You can display a password-strength indicator when an admin or user
enters a new password.
enters a new password.
This setting does not enforce creation of strong passwords, it merely
shows how easy it is to guess the entered password.
shows how easy it is to guess the entered password.
Select the roles for which you wish to display the indicator. Then, for
each selected role, enter a number greater than zero. A larger number
means that a password that registers as strong is more difficult to
achieve. This setting has no maximum value.
each selected role, enter a number greater than zero. A larger number
means that a password that registers as strong is more difficult to
achieve. This setting has no maximum value.
Examples:
•
If you enter
30
, then an 8 character password with at least one
upper- and lower-case letter, number, and special character will
register as a strong password.
register as a strong password.
•
If you enter
18
, then an 8 character password with all lower case
letters and no numbers or special characters will register as strong.
Password strength is measured on a logarithmic scale. Evaluation is
based on the U.S. National Institute of Standards and Technology rules
of entropy as defined in NIST SP 800-63, Appendix A.
based on the U.S. National Institute of Standards and Technology rules
of entropy as defined in NIST SP 800-63, Appendix A.
Generally, stronger passwords:
•
Are longer
•
Include upper case, lower case, numeric, and special characters
•
Do not include words in any dictionary in any language.
To enforce passwords with these characteristics, use the other settings
on this page.
on this page.
Setting
Description