Live Experience

Juniper Change the Format of Plain-Text Passwords
You want to require the passwords for user accounts to be longer than six characters and to have more than one case change.
Set all plain-text passwords to be from 8 to 20 characters long and to contain at least 
two case changes:
# set system login password maximum-length 20
# set system login password minimum-length 8
# set system login password minimum-changes 2
By default, plain-text passwords must be at least six characters long and must contain one change from either letters to numbers (or vice versa) or from lowercase to uppercase (or vice versa). You can harden the router's security even more by increasing the minimum password length and the minimum number of case and letter-to-number changes.
The commands in this recipe require that all plain-text passwords be from 8 to 20 characters long and contain at least 2 case changes. The changes take effect when you next configure a plain-text password for a user:
# set system login user sage authentication plain-text-password
New password:B3245h
error: minimum password length is 8
error: require 2 changes of case, digits or punctuation
This password is not acceptable because it is shorter than eight characters and has only one change from a letter to a number. An example of a valid password with these conditions is $4551people.
Changing the Plain-Text Password Encryption Method
When setting up passwords for login accounts on the router, if you assigned plain-text passwords, the default encryption is SHA1. You want to change this to either DES or MD5.
Use the following command to change the encryption used for plain-text passwords to DES:
# set system login password format des
For MD5 encryption, use the following command:
# set system login password format md5
All passwords that you enter in a JUNOS configuration are encrypted. For plain-text passwords, you can use one of three types of encryption: SHA1 (the default and the strongest), MD5, or DES. The encryption type that you configure is used for all plain-text passwords. You cannot specify different encryption types for different users.


You are here: Home / Knowledge Base / Juniper Change the Format of Plain-Text Passwords