Did you choose password type 8 or 9?

mannap36
Level 1

We aren't required to follow a certain direction, but I know 2 years ago NSA & NIST essentially said use 8 because 9 wasn't yet vetted. Cisco had or does recommend type 9. What did you go with?

Finally upgrading from the ones you can just paste and see online. From quick testing, it looks like just using the command "username <user> algorithm-type sha256 secret <pass>" would be the safest way to overwrite the old user of the same name but with the better protection, with no downside of it accidentally being cleared first but then not supporting the command, such as in the case of old switches.

1 Reply

@mannap36 According to the link below, which was published in 2022, NIST had not evaluated type 9 as of 2022. This decision needs to match your company policy, so try to comply with your selected regulatory entity. If you are using NIST, the recommendation is 8, but try to get an updated recommendation for 2024.

https://media.defense.gov/2022/Feb/17/2002940795/-1/-1/1/CSI_CISCO_PASSWORD_TYPES_BEST_PRACTICES_20220217.PDF

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
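
An added example, not part of either post above: a small Python audit that reads a saved running-config, reports the password type on each username and enable credential line, and for local users still on a weaker type prints the command form quoted in the question. The sample config, its hostname, user names and hash strings are constructed placeholders, and the function and variable names are this example's own.

```python
import re

# Cisco IOS password type number -> (algorithm, acceptable). 8 and 9 are the thread's two options.
PASSWORD_TYPES = {
    "0": ("plaintext", False),
    "4": ("unsalted SHA-256, deprecated", False),
    "5": ("salted MD5", False),
    "7": ("reversible obfuscation", False),
    "8": ("PBKDF2-SHA-256", True),
    "9": ("scrypt", True),
}

# "username NAME [attrs] secret|password [TYPE] VALUE" or "enable secret|password [TYPE] VALUE"
CRED_LINE = re.compile(
    r"^(?:username\s+(?P<user>\S+)(?:\s+\S+)*?|enable)\s+"
    r"(?P<kw>secret|password)\s+(?:(?P<type>\d)\s+)?\S+\s*$"
)

def audit(config_text):
    """Return one finding per username/enable credential line."""
    findings = []
    for line in config_text.splitlines():
        m = CRED_LINE.match(line.strip())
        if not m:
            continue
        ptype = m.group("type") or "0"   # no type digit: value was entered as cleartext
        algorithm, ok = PASSWORD_TYPES.get(ptype, ("unknown", False))
        user = m.group("user")
        fix = None
        if not ok and user:
            # Command form quoted in the question; <pass> is left for the operator,
            # and other attributes (e.g. privilege) are not reproduced here.
            fix = f"username {user} algorithm-type sha256 secret <pass>"
        findings.append({"account": user or "enable", "type": ptype,
                         "algorithm": algorithm, "ok": ok, "fix": fix})
    return findings

# Constructed sample config; the hash strings are made-up placeholders.
SAMPLE = """\
hostname lab-sw1
enable secret 5 $1$EXAMPLE$placeholderhash
username admin privilege 15 secret 9 $9$EXAMPLE$placeholderhash
username netops privilege 15 password 7 0000PLACEHOLDER
username backup secret 8 $8$EXAMPLE$placeholderhash
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["account"], "type", f["type"], f["algorithm"],
              "ok" if f["ok"] else "MIGRATE: " + str(f["fix"]))
```

Run it against an exported config file by passing the file's text to audit(); lines it flags are the accounts to re-enter with the sha256 (type 8) form before removing any legacy entries.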