Original release date: February 17, 2022
The National Security Agency (NSA) has released a Cybersecurity Information (CSI) sheet with guidance on securing network infrastructure devices and credentials. Cisco devices are used globally to secure network infrastructure devices, including across the Department of Defense, National Security Systems, and the Defense Industrial Base. Credentials within Cisco configuration files could be at risk of compromise if strong password types are not used. The CSI reviews Cisco’s password type options, the difficulty to crack each password type, and its vulnerability severity and provides recommendations for use.
CISA encourages administrators to review NSA’s CSI: Cisco Password Types: Best Practices and consider the recommendations to secure sensitive credentials.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA released updated guidance for the Minimum Elements for a Software Bill of Materials (SBOM)…
CISA released three Industrial Control Systems (ICS) advisories on August 21, 2025. These advisories provide…
CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025. These advisories provide…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
This website uses cookies.