password expiry

Unanswered Question
Jul 20th, 2009

Any Cisco documents regarding IOS local account doesn't support password expiry?

Have to ask this because a friend who's network is being audited ask me whether IOS local account support password expiry. I make a constructive reply which in summary (for the purpose of this forum) the answer is NO. However, "they" need proof from Cisco. We even asked our CCIE friend to make a statement, but even that was scrapped.

Come to think of it, I can't find any documentation from Cisco to support this. Anyone can direct me to that documentation if any?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Lucien Avramov Mon, 07/20/2009 - 20:35

You can open a TAC case to have an official work on this.

The documentation is here:

As you will see there is no option to set password expiry on it.

Now if you don't save it on the router's startup config, then after reboot, the user will not be there anymore.

Danilo Dy Mon, 07/20/2009 - 21:26

Hi Lucien,

Thanks for the link, but I don't see it mention why IOS doesn't support "password expiry".

The querry doesn't carry any weight to open a TAC case. For such thing as simple as this, I think Cisco should make the explanation available online.

Anyway, opening a TAC case is one thing I suggested to my friend earlier.




This Discussion