Enabling user password masking, Enabling user password aging – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 39

Advertising
background image

Brocade ICX 6650 Security Configuration Guide

19

53-1002601-01

Local user accounts

This password was used earlier for same or different user, please choose a
different password.

Enabling user password masking

By default, when you use the CLI to create a user password, the password displays on the console
as you type it. For enhanced security, you can configure the Brocade device to mask the password
characters entered at the CLI. When password masking is enabled, the CLI displays asterisks (*) on
the console instead of the actual password characters entered.

The following shows the default CLI behavior when configuring a username and password.

Brocade(config)# username kelly password summertime

The following shows the CLI behavior when configuring a username and password when
password-masking is enabled.

Brocade(config)# username kelly password
Enter Password: ********

NOTE

When password masking is enabled, press the [Enter] key before entering the password.

Syntax: username name password [Enter]

For [Enter], press the Enter key. Enter the password when prompted.

If strict-password-enforcement is enabled, enter a password which contains the required character
combination. Refer to

“Enabling enhanced user password combination requirements”

on page 18.

To enable password masking, enter the following command.

Brocade(config)# enable user password-masking

Syntax: [no] enable user password-masking

Enabling user password aging

For enhanced security, password aging enforces quarterly updates of all user passwords. After 180
days, the CLI will automatically prompt users to change their passwords when they attempt to sign
on.

When password aging is enabled, the software records the system time that each user password
was configured or last changed. The time displays in the output of the show running configuration
command, indicated by set-time time.

Example

The password aging feature uses the SNTP server clock to record the set-time. If the network does
not have an SNTP server, then set-time will appear as set-time 0 in the output of the show running
configuration command.

Brocade# show run
Current configuration:
....
username waldo password .....
username raveen set-time 2086038248
....

Advertising
Popular Brands
Popular manuals