The switch ships with default passwords assigned for access to Command Line Interface (CLI) through a console or management session. If you have read/write/all access authority, and you are using SNMPv3, you can change passwords that are in an encrypted format. If you are using Enterprise Device Manager (EDM), you can also specify the number of available Telnet sessions and rlogin sessions.
Note
Rlogin is only supported on VSP 8600 Series.
CLI password hash Secure Hash Algorithm (SHA) level changes are only supported on VSP 8600 Series.
Important
The default passwords are documented and well known. Change the default passwords and community strings immediately after you first log on.
After a factory default or if your switch has no primary or backup configuration files, a password change is required to access the CLI. The system provides three attempts to change the password, if unsuccessful you are taken back to the login prompt but are not locked out. You cannot reuse a password and your password cannot be empty. A password change is required irrespective of security mode, console, SSH, or Telnet access.
Note
If you upgrade to this release, the password hash configuration and custom users are retained until a factory default reset or until a password hash level change. During a factory default reset, all customer users are deleted, all SHA1 passwords are removed, and SHA2 becomes the new default password hash.
If you enable enhanced secure mode with the boot config flags enhancedsecure-mode command, you enable different access levels, along with stronger password complexity, length, and minimum change intervals. For more information on system access fundamentals and configuration, see System Access.