08-14-2018 05:31 AM - edited 03-08-2019 03:54 PM
Hi
Does anyone know how to enforce a minimum password length on a Cisco 2960x (15.2.6(E1)) current latest IOS
I have tried the below but it comes as unrecognised
Switch(Config)password-policy ?
Switch(Config)security password ?
Currently the switches are configured with a local account and with AAA to a TACACS server and I am aware a policy can be enforced on the tacacs server but I also want it enforced locally for the local accounts for security auditing purposes
Also when enforcing locally, will it lock out any TACACS account that is already configured but does not meet the minimum length requirement?
Thanks
08-14-2018 08:57 AM
Enable Common Criteria-
https://community.cisco.com/t5/switching/password-complexity-enforcement/td-p/2430861
08-20-2018 02:43 AM
Thanks Colin, So looks like I cannot really enforce a min password policy. The common criteria policy only can be applied to Type 7 passwords whereas in our environment we use Type 9 encryption for local switch passwords.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide