Changing user passwords, Changing user passwords” section on – Cisco ASA 5505 User Manual

35-27

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 35 Configuring AAA Servers and the Local Database

Configuring AAA

.

Changing User Passwords

The ASA enables administrators with the necessary privileges to modify passwords for users in the
current context. Users must authenticate with their current passwords before they are allowed to change
passwords. However, authentication is not required when an administrator is changing a user password.

To enable users to change their own account passwords, enter the following command:

Step 7

password-policy minimum-uppercase

value

Example:

hostname(config)# password-policy minimum-uppercase

3

Sets the minimum number of upper case characters
that passwords may have. Valid values are between
0 and 64 characters. The default value is 0, which
means there is no minimum.

Step 8

password-policy authenticate enable

Example:

hostname(config)# password-policy authenticate

enable

(Optional) Determines whether or not users are
allowed to modify their own user account.

If authentication is enabled, users cannot change
their own password or delete their own account with
the username command or with the clear configure
username command.

Command

Purpose

Command

Purpose

change-password

[old-password old-password

[new-password new-password]]

Example:

hostname# change-password old-password

myoldpassword000 new password mynewpassword123

Enables users to change their own account passwords. The
new-password new-password keyword-argument pair
specifies the new password. The old-password old-password
keyword-argument pair specifies the old password, which
reauthenticates the user. If users omit the passwords, the ASA
prompts them for input. When users enter the
change-password command, they are asked to save their
running configuration.