Password strength – Dell POWEREDGE M1000E User Manual

Page 1394

Advertising
background image

1390

Password Management Commands

The administrator can access the serial port even if he/she is locked out and

reset the password or clear the config to regain control of the switch. This

ensures that if a hacker tries to log in as admin and causes the account to be

locked out, then the administrator with physical access to the switch can still

log in and reactivate the admin account.

Password Strength

Password Strength is a measure of the effectiveness of a password in resisting

guessing and brute-force attacks. The strength of a password is a function of

length, complexity and randomness. Using strong passwords lowers overall

risk of a security breach. The scope of this feature is to enforce a baseline

Password Strength for all locally administered users.
The feature doesn’t affect users with an existing password until their

password ages out. Password Strength is only enforced when a user is

configuring a new password or changing their existing password. The default

action is Disabled in FP and is independent of any platform. The network

operator has to take care that the Password Strength check is Disabled before

downloading scripts containing old users to avoid password configuration

failure for such users.
The Password Strength check won’t be applied for already configured user

passwords on reload. It is applied only to passwords that are newly configured

after config restoration. This ensures that config migration doesn’t affect the

old users.
The operator is able to override the password complexity check even when the

Password Strength feature is enabled. It is possible by explicitly adding the

command while configuring the password as shown in the relevant section of

the CLI specification to avoid the check.
This override functionality is useful in overriding password checks whenever

the operator wants to do so while applying scripts containing weak passwords.
Also the existing users are saved in the running configuration with this

override check command so as to allow the successful creation of these users

during boot-up in spite of the changes in the password strength definitions.

This override check keyword is available only in CLI.

2CSPC4.XModular-SWUM200.book Page 1390 Thursday, March 10, 2011 11:18 AM

Advertising
Popular Brands
Popular manuals