Cisco Headend System Release 2.7 설치 가이드
Appendix A
Managing DTACS User Accounts
146
78-4036705-01 Rev D
Password Management
Regardless of password management rules enforced by a system, users must still be
encouraged to choose difficult to guess passwords. Proper system management of
passwords is important but the primary responsibility for strong passwords
ultimately rests with the user.
encouraged to choose difficult to guess passwords. Proper system management of
passwords is important but the primary responsibility for strong passwords
ultimately rests with the user.
Users must select a very strong password. Strong passwords have the following
general characteristics:
general characteristics:
Contain 8 or more characters
Contain at least 2 alphanumeric characters and at least one numeric or special
character
character
Do not consist of only one character type (aaaaaaa or 11111111)
Do not contain any aspects of a date
Are not proper names
Are not telephone numbers or similar numeric groups
Are not user IDs, user names, group IDs, or other system identifiers
Do not contain more than two (2) consecutive occurrences of the same character
Are not consecutive keyboard patterns (for example, qwerty)
System Password Retention
The system sets the following restrictions on re-using passwords:
The system retains the last 5 passwords each user uses.
The system does not allow you to re-use any of the last 5 passwords each user
has used.
has used.
Changing a User Account Password
We recommend that you change the default passwords for the root and for the dtacs
role at a minimum to increase the security level on the DTACS. Our
recommendations for other account passwords are as follows:
role at a minimum to increase the security level on the DTACS. Our
recommendations for other account passwords are as follows:
informix account: Changing the informix account password is not necessary
since this account is locked by default.
since this account is locked by default.
dtacsSSH account: Changing the dtacsSSH account password is not necessary
since this user is not directly used by an operator, and the default password is
either not known or documented.
since this user is not directly used by an operator, and the default password is
either not known or documented.