Heads up CBS250 & CBS350 users, the upcoming firmware update version 3.2 will contains updates to the password requirements. An article will be linked once published. Below is a snippet from that article highlighting the mandatory changes.
These will apply to all new user accounts and any password changes made to existing user accounts.
-
New Rules cannot be disabled.
-
It will verify that the password is not from a list of known common passwords. This common password list was compiled by choosing the 10,000 most used passwords from a list of the 10,000,000 most common passwords. This list can be found on the github link.
-
No variations of the common passwords using upper/lower case or using the following character substitutions:
"$" for "s", "@" for "a", "0" for "o", "1" for "l", "!" for "i", "3" for "e“
-
It will block passwords that include more than two sequential characters in a row (again looking for common substitutions and case). For example, if a password contains abc, it will be blocked as it has three sequential letters. So would @bc since there is the common substitution of the @ symbol for a. Similarly, cba will be blocked as it is sequential in reverse order. Other examples include “efg123!$”, “abcd765%”, “kji!$378”, "qr$58!230".
-
New password must not contain the username. For example, no “Admin548” for user admin.
-
New password must not contain the manufacturer name. For example, no C!sc0IsCool.
-
New password must not contain the product name. For example, no CBSCo0l$witch