4 Replies Latest reply on May 23, 2013 12:12 AM by grinder

    Change Administrator Password


      Upon logging into our firewall today, through the admin console, I was forced to change the Administrator password.  I cannot find anywhere to disable this.  I would like to keep the same password in all of our devices for management purposes.  Is this something that can be disabled?  If so how?  Or is this just something that we must live with?  This is a s2008 appliance with the latest software I think it is 8.03P01  but I know it is the latest version.  Thanks for your help.

        • 1. Re: Change Administrator Password

          In older versions (pre v7) I believe it was possible to configure the local authentication server service to disable enforced password changing.


          However, since v7, you are no longer able to do this.


          The compromise option is to go to the settings screen for the "Password" authentication service and increase the expiry value to the largest value it will accept.


          You need to go to Policy --> Rule Elements --> Authentiators, select the Password authenticator service to change this value.


          Ironically, while logging into my v8 appliance to check this setting I was forced to change my password! I personally don't have an issue with doing so, but not being able to do so using SSH is a bit of a pain because it doesn't actually tell you that the password has expired - just that it is no longer valid.



          • 2. Re: Change Administrator Password

            Thanks for the info.  It would be nice if this was an option that you could turn off if you wanted.

            • 3. Re: Change Administrator Password

              Go to Authenticators and click on Password and change the Expiration to 99999999 and your passwords will not expire for around 273972 years (that's not exact though, because of intercalation).

              1 of 1 people found this helpful
              • 4. Re: Change Administrator Password

                Thanks I think that will work.  I hope to be retired by then