Cisco Cisco Content Security Management Appliance M1070 用户指南
13-15
AsyncOS 9.1 for Cisco Content Security Management Appliances User Guide
Chapter 13 Distributing Administrative Tasks
About Authenticating Administrative Users
Step 5
Submit and commit your changes.
What To Do Next
Require users to change their passwords to new passwords that meet the new requirements. See
Password Rules:
Ban reuse of the last
<number> passwords.
<number> passwords.
Choose whether or not users are allowed to choose a recently used password
when they are forced to change the password. If they are not allowed to reuse
recent passwords, enter the number of recent passwords that are banned from
reuse.
when they are forced to change the password. If they are not allowed to reuse
recent passwords, enter the number of recent passwords that are banned from
reuse.
You can enter any number from one (1) to 15. Default is three (3).
Password Rules:
List of words to
disallow in passwords
disallow in passwords
You can create a list of words to disallow in passwords.
Make this file a text file with each forbidden word on a separate line. Save the
file with the name
file with the name
forbidden_password_words.txt
and use SCP or FTP to
upload the file to the appliance.
If this restriction is selected but no word list is uploaded, this restriction is
ignored.
ignored.
Password Strength
You can display a password-strength indicator when an admin or user enters
a new password.
a new password.
This setting does not enforce creation of strong passwords, it merely shows
how easy it is to guess the entered password.
how easy it is to guess the entered password.
Select the roles for which you wish to display the indicator. Then, for each
selected role, enter a number greater than zero. A larger number means that a
password that registers as strong is more difficult to achieve. This setting has
no maximum value.
selected role, enter a number greater than zero. A larger number means that a
password that registers as strong is more difficult to achieve. This setting has
no maximum value.
Examples:
•
If you enter
30
, then an 8 character password with at least one upper- and
lower-case letter, number, and special character will register as a strong
password.
password.
•
If you enter
18
, then an 8 character password with all lower case letters
and no numbers or special characters will register as strong.
Password strength is measured on a logarithmic scale. Evaluation is based on
the U.S. National Institute of Standards and Technology rules of entropy as
defined in NIST SP 800-63, Appendix A.
the U.S. National Institute of Standards and Technology rules of entropy as
defined in NIST SP 800-63, Appendix A.
Generally, stronger passwords:
•
Are longer
•
Include upper case, lower case, numeric, and special characters
•
Do not include words in any dictionary in any language.
To enforce passwords with these characteristics, use the other settings on this
page.
page.
Setting
Description