Details

Restricts the number of password changes a locally authenticated user can make within a given number of hours. The value can be:


- Enable - The change interval policy is active.


- Disable - The change count policy is active.



The default is Enable.



Note: You must have admin or aaa privileges to change the password profile properties.


Solution

Log into the Cisco APIC Web Console:
Navigate to 'Admin' -> 'AAA' -> 'Security'.

Click the 'Management Settings' tab.

In the 'Properties' section ensure 'Enforce Password Change Interval' is set to 'Enabled'


This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Cisco_ACI.


References


Source