Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 5.4 different password from enable password


Is it  possible in ACS , in this case, to force a user to have a different user password and enable password?  We want the ACS to hanle both user and enable passwords, but want to be sure that the user has a different password for each and not the same password. Is therre a way in ACS to force different passwords?

Thanks for the help


Everyone's tags (1)
New Member

ACS 5.4 different password from enable password

Hi Mickey,

Try using the option of “System Administration > Users > Authentication Settings > Advanced Tab > Password History”

Password   must be different from the previous n versions.

Specifies  the number of previous passwords for this user   to be compared  against. This option prevents the users from setting a   password that  was recently used. Valid options are 1 to 99.

Cisco Employee

ACS 5.4 different password from enable password

Hi Mikik,

When you want this to be triggered, because you can define different user and enable password while creating/adding a user on the ACS locally. Could you please explain?

The below listed link talks about the password complexity options for ACS internal database.

Note, that there is a switch in 'system administration -> users -> authentication settings -> advanced' where one can turn on / off the separate TACACS enable password ('Select whether a separate password should be defined in the user record to store the Enable Password'). I think it is enabled by default.

Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
CreatePlease login to create content