This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
- Community
- RUCKUS Technologies
- RUCKUS Lennar Support
- Community Services
- RTF
- RTF Community
- Australia and New Zealand – English
- Brazil – Português
- China – 简体中文
- France – Français
- Germany – Deutsch
- Hong Kong – 繁體中文
- India – English
- Indonesia – bahasa Indonesia
- Italy – Italiano
- Japan – 日本語
- Korea – 한국어
- Latin America – Español (Latinoamérica)
- Middle East & Africa – English
- Netherlands – Nederlands
- Nordics – English
- North America – English
- Poland – polski
- Russia – Русский
- Singapore, Malaysia, and Philippines – English
- Spain – Español
- Taiwan – 繁體中文
- Thailand – ไทย
- Turkey – Türkçe
- United Kingdom – English
- EOL Products
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- RUCKUS Forums
- RUCKUS Technologies
- ICX Switches
- Re: How does the user password aging work on ICX d...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How does the user password aging work on ICX devices after the 180 days o more?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-16-2019 11:13 AM
Hi everyone!
I would like to know how the user password aging works. I read the security config guide for the firmware version 08070 (that is the code that I have in the switches). It says when the user aging is enable, the CLI will automatically prompt users to change their passwords when they attempt to sign on. So, if after 180 days I try to log in to the switch, do I have to put my old password and then the CLI ask for a new one? Can I change the period of time of 180 days?
Also, is there a way to sync this password update if I have multiple switches with user password aging enabled? I mean, Can I only change or update in one switch and this change will be sync in the others?
I hope someone can help me.
Regards.
I would like to know how the user password aging works. I read the security config guide for the firmware version 08070 (that is the code that I have in the switches). It says when the user aging is enable, the CLI will automatically prompt users to change their passwords when they attempt to sign on. So, if after 180 days I try to log in to the switch, do I have to put my old password and then the CLI ask for a new one? Can I change the period of time of 180 days?
Also, is there a way to sync this password update if I have multiple switches with user password aging enabled? I mean, Can I only change or update in one switch and this change will be sync in the others?
I hope someone can help me.
Regards.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-16-2019 05:29 PM
Hi JLES,
This is from the security guide:
Enabling user password aging
For enhanced security, password aging enforces quarterly updates of all user passwords. After 180 days, the CLI will automatically prompt users to change their passwords when they attempt to sign on.
When password aging is enabled, the software records the system time that each user password was configured or last changed.
The time displays in the output of the show running configuration command, indicated by set-time.
device# show run
Current configuration:
....
username waldo password .....
username raveen set-time 2086038248
....
The password aging feature uses the NTP server clock to record the set-time. If the network does not have an NTP server, then set-time will appear as "set-time 0" in the output of the show running configuration command.
A username set-time configuration is removed when:
• The username and password are deleted from the configuration
• The username password expires
When a username set-time configuration is removed, it no longer appears in the show running configuration output.
Note that if a username does not have an assigned password, the username will not have a set-time configuration.
Password aging is disabled by default. To enable it, enter the following command at the global configuration level of the CLI.
device(config)#enable user password-aging
Syntax: [no] enable user password-aging
Configuring password history
By default, the Ruckus device stores the last five user passwords for each user. When changing a user password, the user cannot
use any of the five previously configured passwords.
For security purposes, you can configure the Ruckus device to store up to 15 passwords for each user, so that users do not use the same password multiple times. If a user attempts to use a stored password, the system will prompt the user to choose a different password.
To configure enhanced password history, enter a command such as the following at the global configuration level of the CLI.
device(config)# enable user password-history 15
Hope this helps.
Thanks
Hashim
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2019 10:46 AM
Hi Hashim!!
thank you for your response, it is very helpful! After the 180 days, do you still need the old password to log in and then the switch ask for the new one? just to know the behavior of this feature.
Thank you!
thank you for your response, it is very helpful! After the 180 days, do you still need the old password to log in and then the switch ask for the new one? just to know the behavior of this feature.
Thank you!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-17-2019 12:39 PM
Hi JLES,
Again from the Security Guide:
Again from the Security Guide:
Configuring password history
By default, the Ruckus device stores the last five user passwords for each user. When changing a user password, the user cannot
use any of the five previously configured passwords.
For security purposes, you can configure the Ruckus device to store up to 15 passwords for each user, so that users do not use
the same password multiple times. If a user attempts to use a stored password, the system will prompt the user to choose a
different password.
To configure enhanced password history, enter a command such as the following at the global configuration level of the CLI.
device(config)# enable user password-history 15
Syntax: [no] enable user password-history previous-passwords
The previous-passwords variable is a value from 1 through 15. The default is 5.
Hope this helps
Thanks
Hashim
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-25-2019 11:18 AM
Hi Hashim
I go it!!
Thank you so much for your help.
Juan
I go it!!
Thank you so much for your help.
Juan
Labels
-
7250
1 -
802.3af PoE
1 -
802.3at PoE
1 -
AAA
1 -
ACL
1 -
auto-provision
1 -
auto-provisioning
1 -
Cluster synchronization
1 -
Crypto Keys
1 -
Deployment
1 -
dhcp-66
1 -
fastiron-10
1 -
fastiron-8
1 -
Firmware Upgrade
2 -
ICX
3 -
ICX 7150-C12p
1 -
ICX switch
2 -
ICX Switch Management
6 -
ICX-7150-C12
1 -
ICX-7550
1 -
ICX-8200
1 -
Installation
1 -
not enough electricity
1 -
overlad
1 -
Override PoE Operating Mode
1 -
PD overload
1 -
Poe
1 -
PoE mode.
1 -
power limitations
1 -
Proposed Solution
1 -
RADIUS
1 -
Routing
1 -
RUCKUS Self-Help
2 -
stack
1 -
stack password
1 -
tftp
1 -
Upgrade
1 -
Upgrade path
1 -
We
1 -
zero-touch
1
- « Previous
- Next »
