Administrators can now configure the EdgeMarc to require users to change their default password the first time they log in. The password must adhere to the strong password policy configured by the administrator.

When this feature is enabled and a root or read-only (rouser) user tries to log into the EdgeMarc GUI with the default password, they will be redirected to the Change Password page to change their password.

CLI (SSH or Serial) users are also prompted to change their password. This feature is enabled by default.

A user is not allowed to access the system until they create a strong password that meets the following criteria:

  • 6-8 (for root) total characters
  • 1 lower case alphabet
  • 1 numeric
  • 1 special

To Enable or Disable Strong Password Enforcement

Use the following procedure to enable or disable Strong Password Enforcement from the EdgeMarc configuration GUI.

  1. Choose Admin > Users. The Session/User Management - Advanced configuration page appears by default.

    The Disable Strong Password Enforcement checkbox is un-checked by default. Strong Password Enforcement is enabled and configuration fields are active.

    Note

    If User Management is enabled, Strong Password Enforcement settings are not available on the Session/User Management - Advanced configuration page.


  2. Enter required password information in the following active Password Configuration Settings fields:

    • Minimum Alphabet Characters Required (0-4)

    • Minimum Upper Case Alphabet Characters Required (0-2)

    • Minimum lower Case Alphabet Characters Required (0-2)

    • Minimum Numeric Characters Required (0-2)

    • Minimum Special Characters Required (0-2)

    • Maximum Consecutive Repeating Characters Allowed (0-4)

  3. Click Submit.

    When the user logs in to the system for the first time with their default password, they are directed to the Change Password page.

  4. To disable Strong Password Enforcement, check the Disable Strong Password Enforcement checkbox on the Session/User Management - Advanced configuration page. Password Configuration Settings fields become inactive (grayed out) on the page.

    Strong Password Enforcement can also be configured through the CLI by setting parameters in the user_mgmt.conf file. Two new PASSWD configuration commands are added, as described in the following table.

    Strong Password Enforcement CLI

    CommandDescription

    DISABLE_STRONG_PASSWORD_ENFORCEMENT=off

    The Strong Password Enforcement feature is on.

    PASSWD_MIN_UPPER_ALPHABET_CHARS=0Sets the minimum number of upper case letters required.
    PASSWD_MIN_LOWER_ALPHABET_CHARS=1

    Sets the minimum number of lower case letters required.

  • No labels