Re: unity log in

mymite060708 · ‎08-15-2006

is there a way for users to log into their voicemail with out having to enter a pin, I advised the customer of the security risk but the really want this feature

Thanks

Rob Huffman · ‎08-15-2006

Hi Dave,

This is possible, but as you noted **Highly Discouraged**. Have a look;

Phone Password Restriction Settings

Phone password restriction settings allow you to define a system-wide password policy that applies when subscribers access Cisco Unity by phone. For greater security, establish rules that prevent passwords from being easy to guess and from being used for a long time. At the same time, is also best to avoid requiring passwords that are so complicated or that must be changed so often that subscribers have to write them down to remember them. Consider requiring that subscribers use a long eight or more digits and non-trivial password when you specify phone password restrictions.

Phone password restrictions cannot be changed for individual subscriber accounts. However, you can use the password settings on the template and individual subscriber pages in the Cisco Unity Administrator to govern the passwords that subscribers initially use to log on to Cisco Unity by phone, and to define whether and when subscribers can change their own phone passwords. You can also use the Cisco Unity Bulk Import wizard to set phone passwords for multiple subscriber accounts at the same time. (Refer to the Cisco Unity Bulk Import Help for details.)

Subscribers > Account Policy > Phone Password Restrictions Page

Phone Password Length Select one of the following settings:

Permit Blank Password Subscribers are able to log on without entering a password. Note that this leaves subscriber messages vulnerable to unauthorized access and toll fraud.

Minimum Number of Characters Subscribers are required to create a password at least X characters long. X is the value specified in the adjacent box. In general, shorter passwords are easier to use, but longer passwords are more secure. Eight or more digits is recommended.

When you change the minimum password length, subscribers will be required to use the new length the next time they change their passwords.

Hope this helps!

Rob

Please remember to rate helpful posts....

mymite060708 · ‎08-15-2006

thanks , if I allow blank passwords then all users will not have to enter one, or can you select some users to log in?

I just tested this by enabling "allow blank passwords" then removing my password, I got an asp error saying the field was blank, do I need to delete my account and re add it for this to work??

Rob Huffman · ‎08-15-2006

Hey Dave,

I have never tried this, so I am not positive on this? My take on this is that it is a system wide parameter that would only be applied to new accounts (not sure). Can you delete/recreate your account and see how things work.

Rob

gogasca · ‎08-15-2006

There is a feature in Unity 4.1 which allow you this:

Prompt for phone password

Indicate whether Cisco Unity prompts the subscriber to log on to Cisco Unity by entering a phone password:

Always:Cisco Unity prompts for a phone password before allowing the subscriber to access his or her mailbox.

Only When User Calls From Unknown Extension:

Cisco Unity prompts for a phone password before allowing the subscriber to access his or her mailbox when the subscriber calls Cisco Unity from a number that is not associated with the subscriber account. When this check box is checked, the subscriber is not required to enter a password when they call from the primary extension or an alternate device.

For security reasons, it may not be appropriate to allow subscribers who work in shared workspaces, cubicles, or other public areas in your organization (such as a lobby or reception area) to access Cisco Unity by phone without first entering a password.