Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Configuring Password Security
passwords must meet a minimum level of complexity before they are accepted.
If Enforce strict passwords is set to On, all subsequently configured local administrator account passwords must
conform to the following rules for what constitutes a strict password.
conform to the following rules for what constitutes a strict password.
If Enforce strict passwords is set to Off, no extra checks are made on local administrator account passwords.
Notes:
■
You can never set a blank password for any administrator account, regardless of this setting.
■
This setting affects only local administrator account passwords. It does not affect any other passwords used
on the VCS, such as in the local authentication database, LDAP server, external registration credentials, user
account passwords, or administrator account passwords stored on remote credential directories.
on the VCS, such as in the local authentication database, LDAP server, external registration credentials, user
account passwords, or administrator account passwords stored on remote credential directories.
■
All passwords and usernames are case sensitive.
Non-configurable rules for strict passwords
The following password rules always apply when Enforce strict passwords is set to On. There is no way to configure
them:
them:
■
Avoid multiple instances of the same characters (non-consecutive instances are checked)
■
Avoid three or more consecutive characters such as "abc" or "123"
■
Avoid dictionary words, or reversed dictionary words
■
Avoid palindromes, such as "risetovotesir"
Configurable rules for strict passwords
The following properties of the password policy can be configured:
■
Length must be at least 6 ASCII characters, but can be up to 255 (default 15)
■
Number of numeric digits [0-9] may be between 0 and 255 (default 2)
■
Number of uppercase letters [A-Z] may be between 0 and 255 (default 2)
■
Number of lowercase letters [a-z] may be between 0 and 255 (default 2)
■
Number of special characters [printable characters from 7-bit ASCII, eg. (space), @, $ etc.)] may be between
0 and 255 (default 2)
0 and 255 (default 2)
■
Number of consecutive repeated characters allowed may be between 1 and 255 (the default 0 disables the
check, so consecutive repeated characters are allowed by default; set it to 1 to prevent a password from
containing any consecutive repeats)
check, so consecutive repeated characters are allowed by default; set it to 1 to prevent a password from
containing any consecutive repeats)
■
The minimum number of character classes may be between 0 and 4 (the default 0 disables the check).
Character classes are digits, lowercase letters, uppercase letters, and special characters.
Character classes are digits, lowercase letters, uppercase letters, and special characters.
Note:
You may experience precedence effects between the required number of character classes and the
number of characters per class.
For example, if you leave the default requirements of 2 characters of each class, there is an implied rule that 4
character classes are required. In this case, any setting of Minimum number of character classes is
irrelevant.
character classes are required. In this case, any setting of Minimum number of character classes is
irrelevant.
For another example, if you set the minimum number of character classes to 2, and set the minimum number of
characters required from each class to 0, then a password that contains characters from any two of the
classes will suffice (presuming it meets all the other criteria as well).
characters required from each class to 0, then a password that contains characters from any two of the
classes will suffice (presuming it meets all the other criteria as well).
258
Cisco TelePresence Video Communication Server Administrator Guide
User Accounts