Defining Users

The default username/password is cisco/cisco. The first time that you log in with the default username and password, you are required to enter a new password. If the password that you choose is not complex enough (Password Complexity Settings are enabled in the Password Strength page), you will be prompted to create another password.

Setting User Accounts

The User Accounts page enables entering additional users that are permitted to access to the switch (read-only or read-write) or changing the passwords of existing users.

NOTE     It is not permitted to delete all users. If all users are selected, the Delete button is disabled.

To add a new user:

  1. Click Administration > User Accounts. The User Accounts page displays.
  2. This page displays the users defined in the system.

  3. Click Add to add a new user or click Edit to modify a user. The Add (or Edit) a User Account page displays.
  4. Enter the parameters.
    • User Name--Enter a new username between 0 and 20 characters. UTF-8 characters are not permitted.
    • Password--Enter a password (UTF-8 characters are not permitted). If the password strength and complexity is defined, the user password must comply with the policy configured in the Setting Password Complexity Rules section.
    • Confirm Password--Enter the password again.
    • Password Strength Meter--Displays the strength of password. The policy for password strength and complexity are configured in the Password Strength page.
    • User Level--Select the privilege level of the user being added/edited.
      • Read-Only CLI Access (1)--User cannot access the GUI, and can only access CLI commands that do not change the switch configuration.
      • Read/Limited Write CLI Access (7)--User cannot access the GUI, and can only access some CLI commands that change the switch configuration. See the CLI Reference Guide for more information.
      • Read-/Write Management Access (15)--User can access the GUI, and can configure the switch.
  5. Click Apply. The user is added to the Running Configuration file of the switch.

Setting Password Complexity Rules

Passwords are used to authenticate users accessing the switch. Password management consists of setting general password complexity rules and the specific user passwords. Various aspects of password complexity are minimum password length, number of character classes, and the requirement that a new password be different from the previous one.

To define password complexity rules:

  1. Click Security > Password Strength. The Password Strength page displays.
  2. Enter the following aging parameters for passwords:
    • Password Aging--If selected, the user is prompted to change the password when the Password Aging Time expires.
    • Password Aging Time--Enter the number of days that can elapse before the user must change the password.

    NOTE     Password aging also applies to zero-length passwords (no password).

  3. Select Password Complexity Settings to apply complexity rules for passwords.
  4. If password complexity is enabled, passwords must conform to the following:

    • Have a minimum length of eight characters.
    • Contain characters from at least three character classes (uppercase letters, lowercase letters, numbers, and special characters available on a standard keyboard).
    • Are different from the current password.
    • Contain no character that is repeated more than three times consecutively.
    • Do not repeat or reverse the user’s name or any variant reached by changing the case of the characters.
    • Do not repeat or reverse the manufacturer’s name or any variant reached by changing the case of the characters.
  5. If Password Complexity Settings was selected, enter the parameters.
    • Minimal Password Length--Enter the minimal number of characters required for passwords.
    • Minimal Number of Character Classes--Enter the character classes that must comprise a password: lower case letters (1), upper case letters (2), digits (3), or special characters (4).

    NOTE     A zero-length password (no password) is allowed, and can still have password aging assigned to it.

    • The New Password Must Be Different than the Current One--If selected, the new password cannot be the same as the current password.
  6. Click Apply. The password settings are set, and the Running Configuration file is updated.