Re: how to configure password policy in local username

PrakashKumbharvadiya7792 · ‎12-05-2022

How to configure password policy in local username not using AAA password policy.

ammahend · ‎12-05-2022

which product are you talking about ? ISE ?

-hope this helps-

PrakashKumbharvadiya7792 · ‎12-05-2022

no, 9300 series switches.

ammahend · ‎12-05-2022

I have never done this so I had to test it out.

LAB36NETM1-C9300#show run | sec aaa
aaa new-model
aaa common-criteria policy TEST
min-length 10
max-length 127
char-changes 4

LAB36NETM1-C9300(config)#username test common-criteria-policy TEST secret cisco
% Password length is less than minimum length configure
LAB36NETM1-C9300(config)#username test common-criteria-policy TEST secret ciscocisco
LAB36NETM1-C9300(config)#

I was able to login with local account

for more info : https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/xe-16-10/sec-usr-aaa-xe-16-10-book/sec-aaa-comm-criteria-pwd.html

-hope this helps-

PrakashKumbharvadiya7792 · ‎12-15-2022

This is done when we create aaa policy but i need when we create local user at that time this criteria match.

no required common-criteria-policy

just used in (Config)#username test password, like this.

ammahend · ‎12-18-2022

Aaa new model is enabled but I am not using aaa authentication for login, I am using local account, that’s why I pasted the config.
I don’t think there is a way to do without using common-criteria policy

-hope this helps-

MHM Cisco World · ‎12-18-2022

security passwords min-length <<- I know only this command it can specify the min-length of password.