Palo Alto PA 5220 not login after password complexity changes

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Palo Alto PA 5220 not login after password complexity changes

L0 Member

We changed the password complexity and history settings on our firewall a couple of days ago. After committing the changes the local users are not able to login on the firewall. So we tried to boot into maintenance mode by connecting through a console cable in order to roll back to a older running config. This did not do anything though, because the users are still not able to login using their old credentials from the time when the running config was saved. Does rolling back to a saved running config, undo-s the password complexity settings? Is there a way to import a device state config from the actual maintenance mode without having to reset to factory default and connect from the management interface?


L4 Transporter

Hello @AadidevArun 


In a LAB we test the same options and settings, in especial force change password, gracetime, login account, and we have the same problem ... Unfortunately the only way, without login is ... Factory reset and load a previus backup you have on your laptop  an another device ... Sorry


I recommended test this kind of changes in a LAB enviroment.


Best regards

High Sticker
  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!