Configuring Secure Passwords on Managed Switches - Metasys - LIT-12012458 - Field Device - 13.0

Metasys IP Networks for BACnet/IP Controllers Technical Bulletin

Brand
Metasys
Document type
Technical Bulletin
Document number
LIT-12012458
Version
13.0
Revision date
2023-10-23
Product status
Active
Language
English

While not enforced by the switches themselves, it is recommended the rules for complex passwords enforced by the network engine s for the passwords of the switches comprising the Metasys BACnet/IP network. For the complex password rules enforced by the network engine , refer to the network engine commissioning guides as listed in Table 1. It is also recommended that the passwords be encrypted in the switch configuration file for added security.

On a Cisco managed switch, to create a new user account with a complex password encrypted using a salted MD5 hash, as well as setting the password for the "enable" command to a complex password encrypted using a salted MD5 hash, complete the following steps in Table 1:

Table 1. Configuring a Secure Password on a Cisco managed switch

Configuration Step

Cisco IOS CLI Command

1

Enter global configuration mode.

Switch# configure terminal

2

Create a new "jci" user account with the highest privilege of 15 whose complex password of "CatWith4Legs!" is encrypted using a salted MD5 hash.

Switch(config)# username jci privilege 15 secret 5 CatWith4Legs!

3

Change the password for the "enable" command to a complex password of "CatWith2Fins!" and which is encrypted using a salted MD5 hash.

Switch(config)# enable secret 5 CatWith2Fins!

4

Exit global configuration mode.

Switch(config)# exit