Enhanced Administrative Password Security - Avaya 1230 Administration

Security
Figure 55: Login and login failure with time notification

Enhanced administrative password security

The provisioning server can provide additional security associated with the administrative password.
The provisioning server provides the password to the IP Deskphone in the form of an SHA1 or MD5
hash instead of the plain text password. This removes the need to store the password on the IP
Deskphone by using the existing ADMIN_PASSWORD provisioning parameter.
The provisioning server can also enforce a password expiry using the provisioning flag,
ADMIN_PASSWORD_EXPIRY. This flag contains a date after which the admin password stored on
the IP Deskphone is not accepted. After this time, the administrative password must be changed in
the administrative server. Password expiry can only be enforced if the date and time are retrieved by
the IP Deskphone through SIP, SOAP, or SNTP.
Important:
IP Deskphone licensing information is located in the Keycode Retrieval System (KRS) User
Guide. You must register for access to KRS.
Debug port security
The debug port (Accessory Expansion Module (AEM) port) is disabled by default to prevent
unauthorized access and intervention in IP Deskphone operation when a dongle is used.
Enabling the debug port requires access to the Advanced Diag Tools menu, which is always
protected by the admin password, and enabling the Debug port option.
The default value of the Debug port option is disabled. Resetting the IP Deskphone to the factory
defaults resets this parameter as well.
SIP Software for Avaya 1200 Series IP Deskphones-Administration
300
Comments? infodev@avaya.com
March 2015