Step: 3. Set the password for the local user in interactive mode.
Command: password
Displaying and maintaining password control
Task: Display password control configuration information.
Command: display password-control [ super ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Display information about users in the password control blacklist.
Command: display password-control blacklist [ user-name name | ip ipv4-address | ipv6 ipv6-address ] [ | { begin | exclude | include } regular-expression ]
Remarks: Available in any view

Task: Delete users from the password control blacklist.
Command: reset password-control blacklist [ all | user-name name ]
Remarks: Available in user view

Task: Clear history password records.
Command: reset password-control history-record [ user-name name | super [ level level ] ]
Remarks: Available in user view
NOTE:
The reset password-control history-record command can delete the history password records of a
specific user or all users even when the password history function is disabled.
Password control configuration example
All commands in the following example are executed in non-FIPS mode.
Network requirements
Implement the following global password control policy:
• An FTP or VTY user failing to provide the correct password in two successive login attempts is
permanently prohibited from logging in.
• A user can log in five times within 60 days after the password expires.
• The password aging time is 30 days.
• The minimum password update interval is 36 hours.
• The maximum account idle time is 30 days.
• A password cannot contain the username or the reverse of the username.
• No character occurs consecutively three or more times in a password.
Implement the following super password control policy: A super password must contain at least three
types of valid characters, five or more of each type.
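The complexity requirements above can be pre-checked offline before a candidate password is submitted to the device. The following Python code is an added example, not part of the original guide or of the device software. It assumes four character types (uppercase, lowercase, digits, special), compares the username case-insensitively, and reads the super password rule as "at least three types, each with five or more characters"; the function names and sample passwords are constructed for illustration.

```python
import re

def char_type_counts(password):
    """Count characters per type (assumed types: upper, lower, digit, special)."""
    counts = {"upper": 0, "lower": 0, "digit": 0, "special": 0}
    for ch in password:
        if "A" <= ch <= "Z":
            counts["upper"] += 1
        elif "a" <= ch <= "z":
            counts["lower"] += 1
        elif "0" <= ch <= "9":
            counts["digit"] += 1
        else:
            counts["special"] += 1
    return counts

def check_user_password(username, password):
    """Global rules: no username or reversed username, no triple repeats."""
    problems = []
    # Assumption: case-insensitive match, which is the stricter reading.
    name, pw = username.lower(), password.lower()
    if name and (name in pw or name[::-1] in pw):
        problems.append("contains username or reversed username")
    # The same character three or more times in a row.
    if re.search(r"(.)\1\1", password, re.DOTALL):
        problems.append("character repeated three or more times consecutively")
    return problems

def check_super_password(password, min_types=3, min_each=5):
    """Super password rule: min_types types, each with at least min_each characters."""
    counts = char_type_counts(password)
    qualifying = [t for t, n in counts.items() if n >= min_each]
    if len(qualifying) < min_types:
        return [f"{len(qualifying)} type(s) have {min_each}+ characters, need {min_types}"]
    return []

if __name__ == "__main__":
    # Constructed sample inputs: (username, candidate password).
    for user, pw in [("test", "tset2024!x"), ("test", "Abc111xyz"),
                     ("test", "12345ABGFTweuix")]:
        print(user, pw, check_user_password(user, pw) or "ok")
    for pw in ["12345ABGFTweuix", "Abcdefgh1234!"]:
        print("super", pw, check_super_password(pw) or "ok")
```
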
Implement the following password control policy for local Telnet user test: