Changing the Format of Plain-Text Passwords

Problem

You want to require the passwords for user accounts to be longer than six characters and to have more than one case change.

Solution

Set all plain-text passwords to be from 8 to 20 characters long and to contain at least two case changes:

	[edit system login]
	aviva@router1# set password maximum-length 20
	aviva@router1# set password minimum-length 8
	aviva@router1# set password minimum-changes 2

 

Discussion

By default, plain-text passwords must be at least six characters long and must contain one change from either letters to numbers (or vice versa) or from lowercase to uppercase (or vice versa). You can harden the router's security even more by increasing the minimum password length and the minimum number of case and letter-to-number changes.

The commands in this recipe require that all plain-text passwords be from 8 to 20 characters long and contain at least 2 case changes. The changes take effect when you next configure a plain-text password for a user:

	[edit system login]
	aviva@router1# set user sage authentication plain-text-password
	New password:T91912
	error: minimum password length is 8
	error: require 2 changes of case, digits or punctuation

This password is not acceptable because it is shorter than eight characters and has only one change from a letter to a number. An example of a valid password with these conditions is $1991poppI.

When you change the requirements for plain-text passwords, the new parameters affect only newly created passwords, so already existing passwords may not be as secure as your new password policy.

See Also

Recipe 2.5


Router Configuration and File Management

Basic Router Security and Access Control

IPSec

SNMP

Logging

NTP

Router Interfaces

IP Routing

Routing Policy and Firewall Filters

RIP

IS-IS

OSPF

BGP

MPLS

VPNs

IP Multicast



JUNOS Cookbook
Junos Cookbook (Cookbooks (OReilly))
ISBN: 0596100140
EAN: 2147483647
Year: 2007
Pages: 290
Authors: Aviva Garrett

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net