Feature |
Product |
Release introduced |
---|---|---|
SHA512 Password Hashing Note:
When upgrading, SHA1 password hashes and custom users are retained, until a factory default reset or until the password hash level is changed. During a factory default reset,SHA2 512-bit becomes the default password hash, all custom users are deleted, and SHA1 passwords are removed. |
5320 Series |
Fabric Engine 8.8 |
5420 Series |
Fabric Engine 8.8 |
|
5520 Series |
Fabric Engine 8.8 |
|
5720 Series |
Fabric Engine 8.8 |
|
7520 Series |
Fabric Engine 8.10 |
|
7720 Series |
Fabric Engine 8.10 |
|
VSP 4450 Series |
VOSS 8.8 |
|
VSP 4900 Series |
VOSS 8.8 |
|
VSP 7200 Series |
VOSS 8.8 |
|
VSP 7400 Series |
VOSS 8.8 |
|
VSP 8200 Series |
VOSS 8.8 |
|
VSP 8400 Series |
VOSS 8.8 |
|
VSP 8600 Series |
VSP 8600 8.1 |
|
XA1400 Series |
VOSS 8.8 |
Important
The default passwords are documented and well known. Change the default passwords and community strings immediately after you first log on.
The switch ships with default passwords assigned for access to Command Line Interface (CLI) through a console or management session. If you have read/write/all access authority, and you are using SNMPv3, you can change passwords that are in an encrypted format. If you use EDM, you can also specify the number of available Telnet sessions.
After a factory default or if your switch has no primary or backup configuration files, a password change is required to access the CLI. The system provides three attempts to change the password, if unsuccessful you are taken back to the login prompt but are not locked out. You cannot reuse a password and your password cannot be empty. A password change is required irrespective of security mode, console, SSH, or Telnet access.
Note
If you upgrade to a release that supports password hash configuration, custom users are retained until a factory default reset or until a password hash level change. During a factory default reset, all customer users are deleted, all SHA1 passwords are removed, and SHA2 becomes the new default password hash.
If you enable enhanced secure mode with the boot config flags enhancedsecure-mode command, you enable different access levels, along with stronger password complexity, length, and minimum change intervals. For more information on system access fundamentals and configuration, see System Access.