Appendix A: Password security 225
Nortel Integrated Conference Bridge Service Implementation Guide
Unsuccessful login attempt handling
Procedure 52 shows how the system handles unsuccessful login
attempts.
Procedure 52
Unsuccessful login operation
1No action is required for this procedure. However, observe the activities in the
following steps and report any system discrepancies to your support
technician.
2For each faulty login, the system issues a message in the error log and the
CLI. This applies to all access types: BUI; TUI; CLI; and Telnet. The following
is an example of the message format (for more information on error
messages, see “Error message handling” on page 183).
0024: WARNING MNGMMI114 12-06 15:42:55:612 FTP login FAILED from
152.217.111.234
3The ICB counts consecutive login attempts. When the count reaches the
“maximum faulty login attempts” parameter set by the administrator, the
system performs the following:
a BUI user and administrator access – After five consecutive faulty login
attempts in which the login name is correct, but the password is wrong,
the system blocks this login name. The administrator must reset the
name to resume normal login operation.
b CLI access – After the maximum allowed login attempts, the system
blocks the CLI for a period of time. The administrator can define the
blocking time period.
FTP
(server access)
1Remote access using FTP requires a dedicated login name and password. The
name and password can contain letters and digits.
2The system records every successful login as an informational message in the
error log. The CLI terminal prints this message.
3The system times out and closes the session after a period of inactivity. The
administrator defines the time-out parameter.
General 1The system always encrypts files containing passwords.
2An administrator defines the minimum length of the login name and password.
The system enforces the minimum requirement when a user changes their
login name or password. This rule applies to all the passwords that this table
describes. It does not apply to the conference and chairperson passwords set
up in the BUI scheduling window.
3The maximum password length is 16 characters, which is hard-coded.
4The IP/LAN connectivity provides access through the LAN using HTTP, Telnet
and FTP only.
Table 58
Access permissions (Continued)
Access type Description of permissions