I would setup a TACACS+ server. You can get a free one from Cisco, but you have to compile it. You can then create user names, passwords and priv levels. That way it's easier to change the passwords for those who know them. If you can swing something like ACS, even better.
We are moving that way, but with over 300 switches, it's a little slow. We are using a Palm application called Strip to keep our passwords. We can beam them to each other as necessary and Strip can create very cryptic passwords. How about something like Dr5Wl9aAW for a password? Hard to remember, hard to type and very hard to guess. Ken >>> "Paul" 06/10/02 11:11PM >>> Hi ... I am just about to change all the router/switch passwords in my company (about 40) ... I have only been there several weeks and I have only worked in a very small routing/switching environment before .... I have had to give access to an outside company so they can monitor certain WA N links they have set-up ... I have setup privilige level 7 for these guys with a relevant line vty username and password .... and priv level 15 for me .... All the routers and switches currently have different passwords .... because I have very little expereince in this field .. I was wondering what the norm would be ??? and what you guys yourselves have done in situations like this .... or is there another way I could do this ??? Oh yes ... and I don't have any TACACS or Radius servers or the such for remote authentication ..... Any comments or advice will be greatly welcomed ... Thanks .. Paul .. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46274&t=46246 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
