beautypg.com

Enabling user password masking – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 37

background image

NOTE
Password minimum and combination requirements are strictly enforced.

Use the enable strict-password-enforcement command to enable the password security feature.

device(config)#enable strict-password-enforcement

Syntax: [no] enable strict-password-enforcement

This feature is disabled by default.

The following security upgrades apply to the enable strict-password-enforcement command:

• Passwords must not share four or more concurrent characters with any other password configured

on the router. If the user tries to create a password with four or more concurrent characters, the
following error message will be returned.

Error - The substring str within the password has been used earlier, please choose a

different password.

For example, the previous password was Ma!i4aYa&, the user cannot use any of the following as his or
her new password:

Ma!imai$D because "Mail" were used consecutively in the previous password

&3B9aYa& because "aYa&" were used consecutively in the previous password

i4aYEv#8 because "i4aY" were used consecutively in the previous password

• If the user tries to configure a password that was previously used, the Local User Account

configuration will not be allowed and the following message will be displayed.

This password was used earlier for same or different user, please choose a different

password.

Enabling user password masking

By default, when you use the CLI to create a user password, the password displays on the console as
you type it. For enhanced security, you can configure the Brocade device to mask the password
characters entered at the CLI. When password masking is enabled, the CLI displays asterisks (*) on the
console instead of the actual password characters entered.

The following shows the default CLI behavior when configuring a username and password.

device(config)#username kelly password summertime

The following shows the CLI behavior when configuring a username and password when password-
masking is enabled.

device(config)#username kelly password

Enter Password: ********

NOTE
When password masking is enabled, press the [Enter] key before entering the password.

Syntax: username name password [Enter]

For [Enter], press the Enter key. Enter the password when prompted.

If strict-password-enforcement is enabled, enter a password which contains the required character
combination. Refer to

Enabling enhanced user password combination requirements

on page 36.

Enabling user password masking

FastIron Ethernet Switch Security Configuration Guide

37

53-1003088-03

See also other documents in the category Brocade Computer Accessories: