Configuring the Weak Passwords List
The Weak Passwords List table lets you configure up to 150 passwords that you want the device to consider as weak. If a user's password in the Local Users table also appears in the Weak Passwords List table, the device raises the SNMP alarm acWeakPasswordAlarm (OID 1.3.6.1.4.1.5003.9.10.1.21.2.0.156), indicating that a weak password was configured for the specific user (Username). The alarm is cleared if the user's password is reconfigured to a password that is not considered weak (i.e., not in the Weak Passwords List table), or if the user is deleted from the Local Users table (see Configuring Management User Accounts).
| ● | Before you can use the device's weak password detection feature, you need to enable the feature (see Enabling Weak Password Detection.) |
| ● | By default, the Weak Passwords List table contains six weak passwords: "Admin", "mindA", "password", "Password", "123456", and "12345678". You can modify or delete these entries. |
The following procedure describes how to configure the weak password list through the Web interface. You can also configure it through ini file [WeakPasswordsList] or CLI (configure system > web > weak-passwords-list).
| ➢ | To configure a list of weak passwords: |
| 1. | Open the Weak Passwords List table (Setup menu > Administration tab > Web & CLI folder > Weak Passwords List). |
| 2. | Click New; the following dialog box is displayed: |
| 3. | Configure a weak password according to the parameters described in the table below. |
| 4. | Click Apply, and then save your settings to flash memory. |
Weak Passwords List Table Parameter Descriptions
|
Parameter |
Description |
|---|---|
|
'Index' [Index] |
Defines an index number for the new table row. Note: Each row must be configured with a unique index. |
|
'Weak Password' weak-pass [WeakPassword] |
Defines a weak password. The valid value is a string of up to 39 characters. |