Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Wrong username must not prompt for password

Hi All

I have cisco devices with "aaa-new model" enabled on it. But I don't have Cisco ACS.

Now my requirement is to enable my devices such that if I put wrong username, it must not prompt for password.

Ragards

BSN

1 REPLY

Re: Wrong username must not prompt for password

Hi

I dont think this is possible and even if it is, it's a bad idea as it gives a potential hacker a better idea of how they are getting on.

What I mean by that is, currently have 2 unknown values,

"Who I am" the username and "What I know" the password. By dropping the connection after a failed attempt I now know that is an invalid option, once I get prompted for a password, I now know the "Who I am" part of your security policy where as before I had nothing.

136
Views
0
Helpful
1
Replies
CreatePlease to create content