24 Using security in your networkATTENTIONDo not enable EAPOL security on the switch port that is connected to theRADIUS server.Password securityThe Ethernet Routing Switch 2500 Series supports the password securityfeature that provides enhanced security for switch and stack passwords.With password security enabled, the following enhanced security featuresare applied:Password length and valid charactersValid passwords must be between 10 and 15 characters long. The passwordmust contain a minimum of the following:• two lower-case letters• two capital letters• two numbers• two special symbols, such as:!@#$%^&*()The password is case sensitive.Password retryIf the user fails to provide the correct password after a number of consecutiveattempts, the switch resets the logon process. The number of failed logonattempts is configurable and the default is three.Password historyThe switch keeps a history of the last three passwords. You cannot reuse apassword stored in history. When you set the password for the fourth time,you can reuse the password that you used the first time.Password displayThe password is not displayed as clear text. Each character of the passwordis substituted with an asterisk (*).Password verificationWhen you provide a new password, you must retype the password toconfirm it. If the two passwords do not match, the password update processfails. In this case, you must try to update the password once again. There isno limit on the number of times you are allowed to update the password.Nortel Ethernet Routing Switch 2500 SeriesSecurity — Configuration and ManagementNN47215-505 (323165-B) 02.01 Standard4.1 19 November 2007Copyright © 2007, Nortel Networks.