Cisco Secure Local User Passwords

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Tue, 04/17/2007 - 04:21


Just to clarify the situation: are you describing a situation where the router or switch is configured to use Cisco Secure (ACS) for authentication and has "local" configured as an alternative/backup method and you want to enforce that the local passwords get changed periodically? Since local is used, by definition, when the router or switch is not communicating with ACS then I do not see how ACS could require that the passwords be changed.

If I have misunderstood something in your request then please clarify.



Craig Balfour Tue, 04/17/2007 - 05:42

When you say "local" do you mean user accounts created:

a) on the switches themselves using the "username XXXXX password YYYYY" command; or

b) in the CiscoSecure database on the Cisco ACS?

If it's the latter, the feature you're looking for is password aging. Take a look at "Enabling Password Aging for the ACS Internal Database" at


This Discussion