Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
32-17
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 32 Distributing Administrative Tasks
Passwords
Locking and Unlocking a User Account
Locking a user account prevents a local user from logging into the appliance. A user account can be
locked in one of the following ways:
locked in one of the following ways:
•
AsyncOS locks a user account if the user exceeded the maximum number of failed login attempts
defined in the Local User Account & Password Settings section.
defined in the Local User Account & Password Settings section.
•
Administrators can manually lock user accounts for security purposes using the System
Administration > Users page.
Administration > Users page.
AsyncOS displays the reason why the user account was locked when you view the user account on the
Edit User page.
Edit User page.
To unlock a user account, open the user account by clicking on the user name in the Users listing and
click Unlock Account.
click Unlock Account.
To manually lock a local user account, open the user account by clicking on the user name in the Users
listing and click Lock Account. AsyncOS displays a message saying that the user will be unable to log
into the appliance and asks if you want to continue.
listing and click Lock Account. AsyncOS displays a message saying that the user will be unable to log
into the appliance and asks if you want to continue.
You can also configure all local user accounts to lock after users fail to login successfully after a
configured number of attempts. For more information, see
configured number of attempts. For more information, see
.
Note
If you lock the admin account, you can only unlock it by logging in as the admin through a serial
communications connection to the serial console port. The admin user can always access the appliance
using the serial console port, even when the admin account is locked. See
communications connection to the serial console port. The admin user can always access the appliance
using the serial console port, even when the admin account is locked. See
for more information on accessing the appliance using the serial console port.
Configuring Restrictive User Account and Password Settings
You can define user account and password restrictions to enforce organizational password policies. The
user account and password restrictions apply to local users defined on the Cisco appliance. You can
configure the following settings:
user account and password restrictions apply to local users defined on the Cisco appliance. You can
configure the following settings:
•
User account locking. You can define how many failed login attempts cause the user to be locked
out of the account.
out of the account.
•
Password lifetime rules. You can define how long a password can exist before the user is required
to change the password after logging in.
to change the password after logging in.
•
Password rules. You can define what kinds of passwords users can choose, such as which characters
are optional or mandatory.
are optional or mandatory.
You define user account and password restrictions on the System Administration > Users page in the
Local User Account and Password Settings section.
Local User Account and Password Settings section.
Procedure
Step 1
Choose System Administration > Users.
Step 2
Scroll to the Local User Account and Password Settings section.
Step 3
Click Edit Settings.