One Time Login Password

Unanswered Question
Dec 18th, 2008

Is there a way I can set up a user in ACS, and put a temporary password. As soon as this user logs in into the first device (router, firewall, etc) The device will ask him to change the password. This is for Management Purposes and I'm using the Internal Database for this.

Thanks in advance, for your help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
didyap Wed, 12/24/2008 - 07:22

No its not possible as use in ACS to set temporary password.

cisco24x7 Wed, 12/24/2008 - 08:01

Having done this a few weeks ago, I can say that


Step #1: Create a group called test. In this

group, you will see "Passing Aging Rules".

Underneath that, you will see a check box to

force the user to change the password on the

first log-in after an administrator has changed it.

Step #2: Create a user say "cciesec". You

then associate this user with group "test".

Step #3: Under System Configuration, Local

Password Management, un-check "Remote Change

Password". This will allow user to change

password anytime they wish.

Step #4: Restart ACS service, no need to


With the correct IOS image, you can even

change password via SSH in addition to telnet.

[[email protected]]# telnet


Connected to

Escape character is '^]'.

User Access Verification

Username: ngx1


Your password has expired.

Enter a new one now.

New Password:

Re-enter New password:

Password Changed


Easy right?


This Discussion