User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Email Security Appliance C680

851

852

853

854

855

856

857

858

859

860

32-20

AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide

Chapter 32 Distributing Administrative Tasks

Passwords

Step 5 Submit and commit your changes.

What To Do Next

If you selected List of words to disallow in passwords, create and upload the described text file.

External Authentication

If you store user information in an LDAP or RADIUS directory on your network, you can configure your

Cisco appliance to use the external directory to authenticate users who log in to the appliance. To set up

the appliance to use an external directory for authentication, use the System Administration > Users page

in the GUI or the

userconfig command and the external subcommand in the CLI.

Password Rules:

List of words to disallow in

passwords

You can create a list of words to disallow in passwords.

Make this file a text file with each forbidden word on a separate line.

Save the file with the name

forbidden_password_words.txt and use

SCP or FTP to upload the file to the appliance.

If this restriction is selected but no word list is uploaded, this

restriction is ignored.

Password Strength You can display a password-strength indicator when an admin or user

enters a new password.

This setting does not enforce creation of strong passwords, it merely

shows how easy it is to guess the entered password.

Select the roles for which you wish to display the indicator. Then, for

each selected role, enter a number greater than zero. A larger number

means that a password that registers as strong is more difficult to

achieve. This setting has no maximum value.

Examples:

• If you enter 30, then an 8 character password with at least one

upper- and lower-case letter, number, and special character will

• If you enter 18, then an 8 character password with all lower case

letters and no numbers or special characters will register as strong.

Password strength is measured on a logarithmic scale. Evaluation is

based on the U.S. National Institute of Standards and Technology rules

of entropy as defined in NIST SP 800-63, Appendix A.

Generally, stronger passwords:

• Are longer

• Include upper case, lower case, numeric, and special characters

• Do not include words in any dictionary in any language.

To enforce passwords with these characteristics, use the other settings

on this page.

Setting Description