Audix Mass-Password Reset

[neil24]

Hi. Everyone in the company currently uses a single password. Bad security, obviously.

What I would like to do is change everybody's password in one go to something like 110, so it forces them to change it to a 4digit password next time they log in (I already have the min 4 chars for password set). I don't want to go through every account and change it, as we have a few hundred accounts!

Thanks,
Neil.

 

[1a22ip]

Try to change the password aging parameters on the system parameters features page. Change to aging to 1 and all password will expire the next day! Sample below

PASSWORD AGING LIMITS (DAYS)
Password Expiration Interval: 0 (0 for no password aging)
Minimum Age Before Changes: 0
Expiration Warning: 0 (0 for no warning)

You will not be very popular after you change this. Users can be mean.

Good luck
ED

1a2 to ip I seen it all

 

[neil24]

lol !!

Thanks for the swift reply ...

so my thought is, change the expiration warning to 5 days so they get a weeks warning and countdown, then change Password Expiration Interval to 1...

Only thing is, if Mr X changes his password on Monday, But Mrs Y doesn't happen to change her password Monday, come Tuesday when I put the expiration back to 0, she won't have had to change her password will she?

 

[1a22ip]

I would make a mass email telling everyone that the passwords will expire on Thursday 8/18. On Friday 8/19 everybody will need to change their password. NO EXCEPTIONS. If you change your password on Wednesday You will have to change it again on Friday.

Hope this helps
ED

1a2 to ip I seen it all

 

[neil24]

But that's not good - someone who changed their password on Wednesday will again have to change it on Friday? there must be a better way where once you've changed it, you won't need to change it again?

 

[noisecode]

If you have ASA you could first export the subscriber list then import it back in to the system using the "change" command rather than "add". Set minimum password length to 3 and then in the spreadsheet for importing fill all password fields with "110" and run.

 

[neil24]

That's a great idea, but I have to use this blasted web interface that emulates the session in Java. I have ASA for the voice system, but can't seem to get it working with ASA (tried all ports open on the IP)...

Thanks for all your help guys - I'll take it from here and bear the brunt of the wicked users

 

[orypecos]

What about changing the minimum digits for a password, then when they login they will have to change it.

 

[neil24]

That's what I originally asked, but I have over 200 users - I don't want to go through them individually and change them. Is there a way of changing them all in one go?

 

[1a22ip]

If the minimum is set at 3 and a user has a 4 digit password and you change the minimum to 4 this user will not be prompted to change his password.

This will not be a eazy task

Good luck
ED

1a2 to ip I seen it all

 

[orypecos]

I agree with Ed above, but you could always make them have a very long password. Then maybe no one would have a long enough one that they wouldn't be prompted to change it.
If you go to the System- Parameters Features Screen, and change the minimum password length to something like 7, then you could always change it back to something reasonable after everyone has logged in and changed it from the default.

 

[surplus]

This is simpler than what it is being made out to be I believe. I just changed the minimum password in my Audix from 4 to 5 digits. I was prompted that the Guest password didn't meet the minimum requirements. I changed that to 12345 instead of 1234, entered the command and got "Command successfully completed:" I then logged in to Audix with my usual extension and password, and then got "Audix passwords must now be 5 digits in length, please enter a new password of 5 digits now.....

It's really that easy. If you make it one digit more than what the "default" is that they are using now, then you should have no problem. AND, if you have a user who already made their password 5 or more digits, they were never wrong to begin with, so they will never hear the prompt to change the password. Most people will use their home zip code for a password, or go one more digit and use a birthdate..

I don't know why anyone would want to require 7 digits for an audix password that's crazy.