CISCO ROUTERS - LOGON SECURITY ENHANCEMENTS login block-for <seconds> attempts <attempts> within < seconds> This command can block all logins for a period of time when within some period of time there’ll be more than X login attemps, e.g. login block-for 300 attempts 10 within 60 It means that system will block login attempts for 300 seconds if within 60 seconds there were 10 or more login attempts. This command is helpful in case of brute force attack. login quiet-mode access-class <acl> This command can help authorized users to log into device in case of system run login block-for function. Then users from acl localization can log into the cisco device even when others people cannot. login quiet-mode access-class 23 ,where 23 is access-list 23