Creating Strong Passwords | Cisco Systems CB21AG, PI21AG specs

Creating Strong Passwords

Appendix A EAP Messages

Creating Strong Passwords

Creating Strong Passwords

Never write passwords down, on paper or online. Instead, create passwords that you can remember easily but no one can guess easily. One way to do this is create a password that is based on a song title, affirmation, or other phrase. For example, the phrase could be “This May Be One Way To Remember” and the password could be “TmB1w2R!” or “Tmb1W>r~” or some other variation.

Note Do not use either of those examples as passwords.

Characteristics of Strong Passwords

Strong passwords have the following characteristics:

•Contain both upper and lower case characters (e.g., a-z, A-Z).

•Contain numerals and punctuation as well as letters (e.g., 0-9, !@#$%^&*()_+~ =\`{}[]:";'<>?,./)

•Are at least five alphanumeric characters long.

•Are not a word in any language.

•Are not slang, dialect, or jargon.

•Are not based on personal information, such as the names of family members.

Characteristics of Weak Passwords

A weak password has the following characteristics:

•Contains fewer than eight characters.

•Is a word found in a dictionary (English or foreign)

•Is any other term that is easily guessed or found in common usage. The following are examples of terms that are easily guessed:

–The name of family, pet, friend, coworker, or fantasy character.

–A computing term or name, such as a command, site, company, model, or application.

–A birthday or another kind of personal information, such as an address or telephone number.

–A predictable letter pattern or number pattern, such as aaabbb, qwerty, zyxwvuts, or 123321.

–Any of the above spelled backwards.

–Any of the above preceded or followed by a digit.

Cisco Aironet 802.11a/b/g Wireless LAN Client Adapters (CB21AG and PI21AG) Installation and Configuration Guide for Windows Vista

	OL-16534-01	A-9

Image 133

Cisco Systems CB21AG Creating Strong Passwords, Characteristics of Strong Passwords, Characteristics of Weak Passwords

Contents

Americas Headquarters Software ReleaseCisco Systems, Inc 170 West Tasman Drive San Jose, CA 800 553-NETS Fax 408 Turn the television or radio antenna until the interference stops Ad Hoc Wireless LAN Network Configurations Using Client AdaptersFCC Safety Compliance Statement Preface Two-Phase Tunneled Authentication Advanced Roaming SettingObtaining Client Adapter Software Inserting the Card Configuring LEAP Accessing LEAP Properties for ConfigurationConfiguring and Starting Logging Finding the Version of the LEAP Module Antenna Installation Warning Creating Strong Passwords A-9EAP Messages A-1 English Translation D-7 Acknowledgments and Licensing F-1 ChannelsChinese Translation English Translation OL-16534-01 viii Audience PrefacePurpose Audience, page Purpose, page Organization, page Conventions, page Conventions Organization Varoitus Tämä varoitusmerkki merkitsee vaaraa. Olet tilanteessa, joka voi johtaa ruumiinvammaan. Ennen kuin työskentelet minkään laitteiston parissa, ota selvää sähkökytkentöihin liittyvistä vaaroista ja tavanomaisista onnettomuuksien ehkäisykeinoista. Tässä julkaisussa esiintyvien varoitusten käännökset löydät liitteestä Translated Safety Warnings käännetyt turvallisuutta koskevat varoitukset Obtaining Documentation, Obtaining Support, and Security Guidelines Related Publications Network Configurations Using Client Adapters, page Product Overview and InstallationSafety information, page Unpacking the Client Adapter, page Installing the Client Adapter Driver and Software, page Terminology Introduction to the Client AdaptersPC-Cardbus card Radio Hardware ComponentsRadio Antenna LEDs Ad Hoc Wireless LAN Network Configurations Using Client AdaptersSoftware Components Figure 1-1 Ad Hoc Wireless LAN Wireless Infrastructure with Workstations Accessing a Wired LAN FCC Safety Compliance Statement Safety informationSafety Guidelines Warnings Unpacking the Client Adapter System Requirements Package Contentshttp//support.microsoft.com/kb/932063 http//support.microsoft.com/kb/935222 For Infrastructure Devices Site RequirementsFor Client Devices Inserting a PC-Cardbus Card Inserting the Client Adapter1-10 Changing the Bracket Inserting a PCI CardInsert the card see the “Inserting the Card” section on page Assemble the antenna see the “Assembling the Antenna” section on page 1-12 Inserting the Card 1-13 Assembling the Antenna 1-14 Mounting the Antenna Step 1 Perform one of the following 1-15 Step 8 If the Found New Hardware Wizard window appears, click Cancel 1-16 Step 7 Click Cisco Aironet Wireless LAN Client Adapters Step 5 Click Wireless SoftwareObtaining Client Adapter Software Step 6 Click Client Adapters and Client Software 1-18 Installing the Client Adapter Driver and Software Figure 1-11 Cisco Aironet Installation Program Window 1-19Hardware Insertion Figure 1-13 Cisco Aironet Installation Program-Setup Status Window 1-20 Step 8 Click Finish 1-21 1-22 Overview of Wireless Profiles, page Configuring Wireless ProfilesAccessing Microsoft Vista Network and Sharing Center, page Creating a New Profile and Configuring Basic Settings, page Accessing Microsoft Vista Network and Sharing Center Overview of Wireless Profiles Creating a New Profile and Configuring Basic Settings Cisco Aironet 802.11a/b/g Wireless Adapter see Figure Creating a New Profile and Configuring Basic Settings Step 7 In this dialog box, enter information for the wireless network that you want to add.Table 2-1 lists and describes general settings for the profile. Follow the instructions in the table to configure these settings Setting Encryption Types” section on pageWhat to Enter and Encryption Types” section on page Chapter 3, “Configuring EAP Types.” The enterprise network EAPProfile Management General Settings continued What to Enter WEP Shared Security with Static WEP Keys Security and Encryption TypesWPA and WPA2 2-10 2-11 802.1X with Dynamic WEP Keys CCKM Fast Secure Roaming Accessing a Profile That Was Created Previously2-12 2-13 Viewing and Changing the Settings of a ProfileFigure 2-7 Network and Sharing Center Window Figure 2-8 Wireless Network properties Dialog Box-Connection Tab 2-14 Settings dialog box. See the “Radio Measurement” section on is available, Choose Control Panel Manage Wireless Networkspage 2-18 and the “Advanced Roaming Setting” section on page in Table 2-1 on page Figure 2-9 Wireless Network properties Dialog Box-Security Tab 2-16 2-17 2-18 Radio Measurement 2-19 Advanced Roaming Setting 2-20 Configuring EAP-FAST, page Overview of LEAP, page Configuring EAP TypesHow LEAP Works, page Configuring LEAP, page Configuring PEAP-GTC, page Two-Phase Tunneled Authentication, page Two-Phase Tunneled AuthenticationProtected Access Credentials, page How EAP-FAST Works Server Certificate Validation Protected Access Credentials Accessing EAP-FAST Properties for Configuration Configuring EAP-FASTAccessing EAP-FAST Properties for Configuration, page Configuring EAP-FAST Settings in the Connection Tab, page Configuring EAP-FAST Settings in the Connection Tab Default anonymous Default On Default None Default OnDefault Enabled Use Protected Access PAC box and the Validate Server Certificate box at the same time Default Off Overview of the User Credentials Tab Usernames and PasswordsClient Certificates 3-10 Configuring EAP-FAST Settings in the User Credentials TabFigure 3-3 User Credentials Tab in EAP-FAST Properties Window Mode with OTP” section on page information about OTP, see the “Understanding PIN Mode and Token3-11 3-12 Understanding PIN Mode and Token Mode with OTPFigure 3-4 New PIN Prompt Window Figure 3-5 Next Token Prompt Window 3-13 Configuring EAP-FAST Settings in the Authentication Tab Table 3-3 lists and describes options for authentication 3-14Figure 3-6 Authentication Tab in EAP-FAST Properties Window a certificate on this computer radio button in the User Default Disabled3-15 Select an authentication 3-16 Finding the Version of the EAP-FAST ModuleFigure 3-7 About Tab in EAP-FAST Properties Window How LEAP Works Overview of LEAP3-17 Accessing LEAP Properties for Configuration Configuring LEAPAccessing LEAP Properties for Configuration, page Configuring LEAP Settings in the Network Credentials Tab, page 3-19 Configuring LEAP Settings in the Network Credentials TabFigure 3-8 Wireless Network Properties Window Settings 3-20Table 3-4 LEAP Network Credentials Settings LEAP Network Credentials Finding the Version of the LEAP Module Overview of PEAP-GTC3-21 3-22 How PEAP-GTC Works Accessing PEAP-GTC Properties for Configuration Configuring PEAP-GTCAccessing PEAP-GTC Properties for Configuration, page Configuring PEAP-GTC Settings in the Connection Tab, page Figure 3-10 Wireless Network Properties Window 3-24 3-25 Configuring PEAP-GTC Settings in the Connection TabFigure 3-11 Connection Tab in PEAP-GTC Properties Window If the Validate server certificate box is checked and the Do not Default anonymousprompt user to authorize new servers or trusted certificate If the Validate server certificate box is checked but the Do not 3-27 Configuring PEAP-GTC Settings in the User Credentials Tab password option Default Offand Token Mode with OTP” section on page which is the case for the Prompt automatically for username and PEAP-GTC User Credentials Options continued 3-29Figure 3-13 New PIN Prompt Window Finding the Version of the PEAP-GTC Module Understanding PEAP-GTC Authentication3-30 Figure 3-14 Next Token Prompt Window Using Microsoft Tools to Perform Administrative Tasks, page Performing Administrative TasksThe EAP-FAST XML Schema, page The PEAP-GTC XML Schema, page The LEAP XML Schema, page Logging for EAP Modules, page Overview of Group Policy Objects Using Microsoft Tools to Perform Administrative TasksAdding a Group Policy Object Editor Overview of Group Policy Objects, page a. Go to File Add/Remove Snap-in Creating a EAP Group Policy Object in Windows Vistag. From the Select Group Policy Object dialog box, click Finish Configuring Machine Authentication for EAP-FAST Configuring Machine Authentication for PEAP-GTC Configuring Single Sign-On for EAP-FASTConfiguring Single Sign-On for PEAP-GTC and LEAP The EAP-FAST XML Schema xsdocumentation xselement xschoice xselement name=authenticateWithToken xscomplexType xssequence xselement xselement name=sendViaInnerMethod xscomplexType xsall 4-10 xscomplexType name=PasswordFromProfile xssimpleContent 4-11 4-12 xsannotation xselement xschoice xselement name=enableFastReconnect 4-13 4-14 xssimpleType xsrestriction base=xsstring xsenumeration value=exactly 4-15 xselement name=anyServerName type=Empty xsannotation 4-16 4-17 The PEAP-GTC XML Schema 4-18 xscomplexContent xscomplexType xscomplexType name=IdentityPattern 4-19 xscomplexType name=TokenSource xschoice 4-20 xschoice xssequence xscomplexType 4-21 4-22 4-23 The LEAP XML Schema attributeFormDefault=unqualified xselement name=eapLeap type=EapLeap 4-24 4-25 Configuring and Starting Logging, page Configuring and Starting LoggingStep 1 Choose Start All Programs Accessories Step 2 Right-click Command Prompt and select Run as administrator wevtutil sl Cisco-EAP-FAST/Debug /efalse Disabling Logging and Flushing Internal Bufferswevtutil sl Cisco-EAP-PEAP/Debug /efalse wevtutil sl Cisco-EAP-LEAP/Debug /efalse wevtutil sl Cisco-EAP-FAST/Debug /lfn“pathtoetllogfile” Locating Log Fileswevtutil sl Cisco-EAP-PEAP/Debug /lfn“pathtoetllogfile” wevtutil sl Cisco-EAP-LEAP/Debug /lfn“pathtoetllogfile” Removing a Client Adapter, page Routine ProceduresUpgrading the Client Adapter Software, page Removing a PC-Cardbus Card Removing a Client AdapterRemoving a PCI Card Upgrading the Client Adapter Software Step 5 Click Update the previous installation Figure 5-3 Cisco Aironet Installation Program-Setup Status Window Step 8 Click Finish Troubleshooting with Cisco Aironet Client Diagnostics, page Troubleshooting and DiagnosticsEnabling Client Reporting, page Figure 6-1 Network and Sharing Center Window Troubleshooting with Cisco Aironet Client Diagnostics Figure 6-3 Cisco Aironet Client Diagnostics Dialog Box-Choose Adapter Figure 6-2 Cisco Aironet Client Diagnostics Dialog Box Figure 6-5 Cisco Aironet Client Diagnostics Dialog Box-Testing Delay Figure 6-7 Aironet Desktop Utility-Stop Running Diagnostics Figure 6-6 Cisco Aironet Client Diagnostics Dialog Box-Test Window Enabling Client Reporting EAP-FAST Error Messages and Prompts, page A-1 EAP-FAST Error Messages and PromptsPEAP-GTC and LEAP Error Messages and Prompts, page A-6 Creating Strong Passwords, page A-9 Appendix A EAP Messages EAP-FAST Error Messages and Prompts Page Recommended Action Enter a username Recommended Action Press OK to continue PEAP-GTC and LEAP Error Messages and Prompts Page Page Characteristics of Strong Passwords Creating Strong PasswordsCharacteristics of Weak Passwords A-10 Password Security Basics Radio Specifications, page B-3 Technical SpecificationsA P P E N D I X B Physical Specifications Radio Specifications 5250 to 5350 MHz 5150 to 5250 MHz5470 to 5725 MHz 5725 to 5805 MHz Outdoor typical Indoor typical Safety and Regulatory Compliance Specifications Power Specifications Antenna Installation Warning, page C-3 Translated Safety WarningsA P P E N D I X C Explosive Device Proximity Warning, page C-2 Explosive Device Proximity Warning Antenna Installation Warning Warning for Laptop Users Page Page A P P E N D I X D Declarations of Conformity and Regulatory InformationDepartment of Communications - Canada, page D-3 Declaration of Conformity for RF Exposure, page D-7 FCC Certification Number LDK102050 CB21AG European Community, Switzerland, Norway, Iceland, and Liechtenstein Department of Communications - CanadaCanadian Compliance Statement Page Declaration of Conformity Statement Cisco Aironet CB21AG Wireless LAN Client Adapter Cisco Aironet PI21AG Wireless LAN Client Adapter Japanese Translation Declaration of Conformity for RF ExposureEnglish Translation 03-6434-6500 Chinese Translation 2.4- and 5-GHz Client AdaptersEnglish Translation 5-GHz Client Adapters Brazil/Anatel Approval D-10 AIR-CB21AG-W-K9 D-11 AIR-PI21AG-W-K9 D-12 A P P E N D I X E Channels, page E-2 Maximum Power Levels and Antenna Gains, page E-4Channels, Power Levels, and Antenna Gains IEEE 802.11a Channels Regulatory Domains IEEE 802.11b/g IEEE 802.11b Maximum Power Levels and Antenna Gains IEEE 802.11g Maximum Power Levels and Antenna Gains A P P E N D I X F Acknowledgments and Licensing Appendix F Acknowledgments and Licensing OL-16534-01 Appendix F Acknowledgments and Licensing OL-16534-01 A P P E N D I X G Abbreviations List of Acronyms continued Table G-1