beautypg.com

Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 38

background image

18

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

Local user accounts

Users are locked out (disabled) if they fail to login after three attempts. This feature is
automatically enabled. Use the disable-on-login-failure command to change the number of
login attempts (up to 10) before users are locked out.

The following rules are disabled by default:

Enhanced user password combination requirements

User password masking

Quarterly updates of user passwords

You can configure the system to store up to 15 previously configured passwords for each user.

You can use the disable-on-login-failure command to change the number of login attempts (up
to 10) before users are locked out.

A password can now be set to expire.

Enabling enhanced user password combination requirements

When strict password enforcement is enabled on the Brocade device, you must enter a minimum of
eight characters containing the following combinations when you create an enable and a user
password:

At least two upper case characters

At least two lower case characters

At least two numeric characters

At least two special characters

NOTE

Password minimum and combination requirements are strictly enforced.

Use the enable strict-password-enforcement command to enable the password security feature.

Brocade(config)# enable strict-password-enforcement

Syntax: [no] enable strict-password-enforcement

This feature is disabled by default.

The following security upgrades apply to the enable strict-password-enforcement command:

Passwords must not share four or more concurrent characters with any other password
configured on the router. If the user tries to create a password with four or more concurrent
characters, the following error message will be returned.

Error - The substring within the password has been used earlier, please
choose a different password.

For example, the previous password was Ma!i4aYa&, the user cannot use any of the following
as his or her new password:

-

Ma!imai$D because “Mail” were used consecutively in the previous password

-

&3B9aYa& because “aYa&” were used consecutively in the previous password

-

i4aYEv#8 because “i4aY“were used consecutively in the previous password

If the user tries to configure a password that was previously used, the Local User Account
configuration will not be allowed and the following message will be displayed.

See also other documents in the category Brocade Communications Systems Computer Accessories: