Sudden Password Rules after upgrade to 4.2.1-r5

Hi all,
after upgrade from 4.1.1-r2 to 4.2.1-r5 I’m suddenly forced to change the local admin password on all my devices. And I have to follow the Cambium password policy.
This behavior was not described in any changelog.

I have checked Parameters and Commands for All Features 4.1.pdf and I see an option to set minimum password length: set minimum password length <8-20>

What if I want to have 7-char password? How can I disable this forced “security”?

P.S. Please, don’t be like M$ :wink:


The password change enforcement was introduced in release 4.2 to ensure the switch is secured. The default password is insecure and vulnerable to attack. The enforcement is described in the 4.2 Release Note.

We are sorry for the inconvenience, but disabling the forced security is not allowed, and the password length requires minimum 8 characters (default setting). Any shorter password length is deemed vulnerable.

If you have multiple cnMatrix devices that need password change, you can onboard them to cnMaestro cloud into a same switch group so that the switch group’s configured password can be applied to all devices at once.


Dear TamN,
thanks for your very informative answer!
Unfortunately, I have to manage this hardware, but in the future I will avoid equipment, where manufacturer forces me to do what he thinks is right and leave me no opportunity to switch off this “neat” feature. Configurable is something else.


P.S. I have not found Release Notes for 4.2 you mentioned: Topics tagged release-notes

1 Like