8-5
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Chapter 8 Establishing Cisco Secure ACS System Configuration
Local Password Management
Local Password Management
You use the Local Password Management page to configure settings that apply to
managing passwords stored in the CiscoSecure user database. It contains the
following three sections:
•
Password Validation Options—These settings enable you to configure
validation parameters for user passwords. Cisco Secure ACS enforces these
rules when an administrator changes a user password in the CiscoSecure user
database and when a user attempts to change passwords using the
CiscoSecure Authentication Agent applet.
Note
Password validation options apply only to user passwords stored in
the CiscoSecure user database. They do not apply to passwords in
user records kept in external user databases nor do they apply to
enable or admin passwords for Cisco IOS network devices.
The password validation options are listed below:
–
Password length between X and Y characters—Enforces that password
lengths be between the values specified in the X and Y boxes, inclusive.
Cisco Secure ACS supports passwords up to 32 characters long.
–
Password may not contain the username—Requires that a user
password does not contain the username anywhere within it.
–
Password is different from the previous value—Requires a new user
password to be different from the previous password.
–
Password must be alphanumeric—Requires a user password to contain
both letters and numbers.
•
Remote Change Password—These settings enable you to configure whether
Telnet password change is enabled and, if it is enabled, whether
Cisco Secure ACS immediately sends the updated user data to its replication
partners.