Cisco ISE – Password Policy

As I stated in my last post, i have been using Cisco ISE more and more and recently got locked out of my instance… You can read more about how I reset the local credentials here.  I want to prevent this from happening again and there are two ways to complete this:

1 – Disable and/or modify the local password policy

2 – Integrate ISE with Active Directory and leverage domain wide password policies.

We will look at Option 1 in this post. The first thing to do is navigate to Administration -> Admin Access -> Authentication. From there there will be a tab for Password Policy.

Screen Shot 2020-05-02 at 1.37.09 PM

At the bottom of this screen, there will be an option called Administrator Passwords expire 45 days after creation or last change. You can increase the number of days or disable the setting all together by unchecking the box. I chose to disable it entirely as my ISE instance will be integrated to Active Directory and leverage those password policies.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s