cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6221
Views
5
Helpful
2
Replies

Password Complexity for local accounts on ASA and Routers

Bmodlin
Beginner
Beginner

I know it is possible to set minimum password length on these devices, but can we configure password complexity options for local accounts on an ASA 5508 and/or an IOS router (i.e. ISR 4321)?

 

I am in the middle of an audit, and need to provide official proof if it is not possible.

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

Here's how to set password complexity on IOS:

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-sy/sec-usr-aaa-15-sy-book/sec-aaa-comm-criteria-pwd.html#GUID-F1D04ED0-FE16-4A0A-817E-DF9F222A617D

 

and on ASA:

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/admin_management.html#pgfId-1711061

 

Ideally you would be using external authentication tied back to your AD or other enterprise identity source and the local credential would only be for fallback purposes.

View solution in original post

2 Replies 2

Flavio Miranda
Advisor
Advisor

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

Here's how to set password complexity on IOS:

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-sy/sec-usr-aaa-15-sy-book/sec-aaa-comm-criteria-pwd.html#GUID-F1D04ED0-FE16-4A0A-817E-DF9F222A617D

 

and on ASA:

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/admin_management.html#pgfId-1711061

 

Ideally you would be using external authentication tied back to your AD or other enterprise identity source and the local credential would only be for fallback purposes.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers