Details
Changes the default login password.
Rationale:
The login password is used for Telnet and SSH connections. The default device configuration does not require any strong user authentication enabling unfettered access to an attacker that can reach the device. A user can enter the default password and just press the Enter key at the Password prompt to login to the device. Setting the login password causes the device to enforce use of a strong password to access user mode. Using default or well-known passwords makes it easier for an attacker to gain entry to a device.
Solution
Run the following to set the login password.
hostname(config)#passwd
The login_password parameter should be the plain-text password used to log into the system
Default Value:
The default password is ‘cisco’.
8.4(2)
The SSH default username is no longer supported; you can no longer connect to the ASA using SSH with the pix or asa username and the login password.
9.0(2), 9.1(2)
The default password, ‘cisco,’ has been removed; you must actively set a login password. Using the no passwd or clear configure passwd command removes the password; formerly, it reset it to the default of ‘cisco.’
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco.