Cisco ISE – Password Policy

Posted on by VirTaylor

As I stated in my last post, i have been using Cisco ISE more and more and recently got locked out of my instance… You can read more about how I reset the local credentials here.  I want to prevent this from happening again and there are two ways to complete this:

1 – Disable and/or modify the local password policy

2 – Integrate ISE with Active Directory and leverage domain wide password policies.

We will look at Option 1 in this post. The first thing to do is navigate to Administration -> Admin Access -> Authentication. From there there will be a tab for Password Policy.

Screen Shot 2020-05-02 at 1.37.09 PM

At the bottom of this screen, there will be an option called Administrator Passwords expire 45 days after creation or last change. You can increase the number of days or disable the setting all together by unchecking the box. I chose to disable it entirely as my ISE instance will be integrated to Active Directory and leverage those password policies.

Published by VirTaylor

Taylor is currently a networking and virtualization engineer who currently holds his VCAP-DCD, VCP-DCV, VCP-DTM, VCP-DW, VCP-NV and CCS-Enterprise.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s