Tuesday, February 15, 2011

The NX-OS 'password strength-check' Global Configuration Command

The NX-OS password strength-check global configuration command enables secure password standard.
A secure password should contain characters from at least 3 of the classes – lower case letters, upper case letters, digits, and special characters.

switch(config)# sh run | in strength
no password strength-check
switch(config)# username admin password cisco123
switch(config)# password strength-check
switch(config)# username admin password cisco456
password is weak
Password should contain characters from at least three of the following classes:
lower case letters, upper case letters, digits and special characters.
switch(config)# username admin password P@33w0rd
switch(config)#
switch(config)# sh run | in strength
switch(config)#

The following prompt that is being shown upon the initial setup of a Nexus 5000 switch allows the user to decide whether to enable secure password standard (yes is the default).

         ---- System Admin Account Setup ----


Do you want to enforce secure password standard (yes/no): no

  Enter the password for "admin":
  Confirm the password for "admin":

         ---- Basic System Configuration Dialog ----

This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.

Please register Cisco Nexus 5000 Family devices promptly with your
supplier. Failure to register may affect response times for initial
service calls. Nexus devices must be registered to receive entitled
support services.

Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.

Would you like to enter the basic configuration dialog (yes/no): no



Nexus 5000 Switch
switch login: admin
Password:
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2010, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
switch#
switch# sh run | in strength
no password strength-check
switch#
Posted by Yap Chin Hoong at 6:22 AM
Labels: ,

5 comments:

  1. AnonymousFebruary 3, 2016 at 10:39 AM

    so if i choose no on enforce secure password standard, I can enter any password i want right? It doesn't matter how short or any special key right?

    ReplyDelete
    Replies
    1. Yap Chin HoongFebruary 5, 2016 at 8:41 AM

      yeah, tested a single "a" character was accepted as the password. :)

      Delete
  2. Muhammad HassanMarch 5, 2018 at 10:01 AM

    Friend, this web site might be fabolous, i just like it. PCfreegallerylockfolderlock - Don't Spend Time Browsing, Study Information On Mobile Desktops On this page how to password protect your usb flash drive

    ReplyDelete
  3. Kevin DellingerJanuary 28, 2019 at 1:56 AM

    Thank you for the good write-up. It in reality was an amusing account it. Look advanced to far brought agreeable from you! However, how can we keep in touch? My latest blog post: Top 5 Quotes On Encryption Software & Here Are 5 Ways To How To Encrypt A Password For Free Faster

    ReplyDelete
  4. Pawel Co FaddeyDecember 12, 2019 at 4:04 AM

    I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
    Cyber Security Projects for Final Year

    JavaScript Training in Chennai

    Project Centers in Chennai

    JavaScript Training in Chennai

    ReplyDelete

Subscribe to: Post Comments (Atom)