Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
119
Views
0
Helpful
0
Replies

VG 320 common criteria unavailable

AKRobert
Level 1
Level 1

ā€Ž02-29-2024 10:15 AM

We need to be able to stipulate the criteria for what is an acceptable password.

The VG450 runs IOS XE systems support this with the following command:

aaa common-criteria policy PASSWORD_POLICY
min-length 15
max-length 127
numeric-count 1
upper-case 1
lower-case 1
special-case 1
char-changes 8
once we have configured what is required for a valid password we use the following command to generate the user account username XXXX privilege 15 common-criteria-policy PASSWORD_POLICY secret xxxxx

The VG320 runs IOS and does not seem to support this function setting acceptable password criteria is required for STIG compliance.

I did come up with the command "aaa password restriction" which does check some of the boxes by doing the following "Password configured should have characters belonging to at least 3 out of 4 classes of characters (Capital letters, small letters, numbers, special characters)" but really is a ways away still from what the aaa common-criteria policy PASSWORD_POLICY allows. 

does anyone know another way to enforce a strict password policy like in IOS-XE?

thank you

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card