Updating User Password

When logging in for the very first time, the default login is as follows: 

• username: admin
• password: tellabs

You will be forced to change the password on first use.

The default password complexity rules if they have not been modified at the EMS are: 

Password Policy:

• Password must:

contain at least 2 upper case letters, 2 lower case letters, 2 numbers, and 2 special characters have no character repeated consecutively 3 times be different from the prior password by at least 4 characters not contain any form of the UserID, forwards or backwards

• Password must be a minimum of 15 characters for Admin users.
• Password must be a minimum of 9 characters for non Admin users.
• Password must not exceed 30 characters.
• Password cannot be the same as previous 8 passwords.

Password Policies are configured on the EMS via the following GUI.
Click on the OLT you want to modify the policy for, then right click and select Local User Configuration.

On the Local User Configuration Fill out the applicable information.

The following configurable parameters are defined for the CLI policies: 

• Password Aging Period: Defines how long before a user is forced to change their password.  Default for admin users is 30 days, default for non- users is 60 days.  The maximum aging period is 180 days.  If the Password Aging Period is set to zero, password aging is not performed and users are never forced to change their password.
• Inactivity Aging Period: The inactivity aging period defines how long a user can go without logging into their account before the account is disabled.
• Minimum Time between Password Changes: Defines the minimum timeout between changes to prevent a user rapidly rotating passwords.
• Max Active Sessions: The maximum sessions that are allowed per user.
• Allowed Failed Logins: The number of failed logins before the account is locked.
• Grace Logins: The number of times the user is allowed to log in after the user's password has expired.  When the grace logins is expired the user is forced to change their password.
• Grace Login After Expiring: The time period after the password expires where grace logins are allowed.  After the grace login timeout has expired it will allow grace logins.  Once this timer has expired, grace login is no longer allowed and the user is forced to perform a password change.
• Password History Depth: The number of passwords that are kept in the history.  Users are not allowed to select previously any previously used password stored in the password history.
• Inactivity Timeout(minutes): The timeout in minutes for inactivity.  The user will be automatically locked out after the timeout expires to ensure that sessions are not left unattended and possibly expose the account to misuse.
• Session Lockout Duration: When sessions are locked due to exceeding the max failed logins per port, the system will lock out the user for the timeout defined by the session lockout duration.
• Login Port Lockout duration 
• Enable Display of last login status: Defines whether the user on login will be presented with the time of the last successful and unsuccessful login.
• Allow Admin Debug Access: Defines whether admin users are allowed to use the debug menu.
• Prevent Username in Password: Prevents users including their username in the password.
• Max Password Length: The maximum length allowed for user passwords.
• Min Password Length: The required minimum password length for non admin user passwords.
• Min Admin Password Length: The required minimum password length for admin users.
• Alphabetic Characters Required: The number of characters within the set a-z, A-Z that are required within user passwords.
• Upper Case Characters Required: The number of upper-case characters required in user passwords.
• Lower Case Characters Required: The number of lower-case characters required in user passwords. 
• Digits Required: The number of digits 0-9 that are required within user passwords.
• Different Characters Required: Defines that number of characters that must differ between the old and new passwords.  
• Default to normal complexity: This defines the defaults to be the standard Tellabs default values that match most enterprise defaults.
• Default to high complexity: Matches DoD password complexity guidelines defined in the UCR.
• Apply User Settings: Applies all the configuration values to the OLT.  The settings are applied to all users accounts.
• Add: Add a new user.
• Modify: Modify an existing User.
• Reset Password: Admin EMS users are allowed to reset CLI passwords on the OLT.  The user can then log in with the temporary password and will be forced to change their password on login.
• Delete: Delete a User.
• Refresh: Re-read configuration and status data from the OLT since users on the OLT can make modifications.  This synchronizes to any changes that were made since the user brought the dialog up.
• Close: Close the dialog.