Configuring the Weak Passwords List

The Weak Passwords List table lets you configure up to 150 passwords that you want the device to consider as weak. If a user's password in the Local Users table also appears in the Weak Passwords List table, the device raises the SNMP alarm acWeakPasswordAlarm (OID 1.3.6.1.4.1.5003.9.10.1.21.2.0.156), indicating that a weak password was configured for the specific user (Username). The alarm is cleared if the user's password is reconfigured to a password that is not considered weak (i.e., not in the Weak Passwords List table), or if the user is deleted from the Local Users table (see Configuring Management User Accounts).

Before you can use the device's weak password detection feature, you need to enable the feature (see Enabling Weak Password Detection.)
By default, the Weak Passwords List table contains six weak passwords: "Admin", "mindA", "password", "Password", "123456", and "12345678". You can modify or delete these entries.

The following procedure describes how to configure the weak password list through the Web interface. You can also configure it through ini file [WeakPasswordsList] or CLI (configure system > web > weak-passwords-list).

To configure a list of weak passwords:
1. Open the Weak Passwords List table (Setup menu > Administration tab > Web & CLI folder > Weak Passwords List).
2. Click New; the following dialog box is displayed:

3. Configure a weak password according to the parameters described in the table below.
4. Click Apply, and then save your settings to flash memory.

Weak Passwords List Table Parameter Descriptions

Parameter

Description

'Index'

[Index]

Defines an index number for the new table row.

Note: Each row must be configured with a unique index.

'Weak Password'

weak-pass

[WeakPassword]

Defines a weak password.

The valid value is a string of up to 39 characters.