558 CHAPTER 49: PASSWORD CONTROL CONFIGURATION OPERATIONS
■ Settings in the local user view apply to the local user password only.
■ Settings on the parameters of the super passwords apply to super passwords
only.
The priority of these settings is as follows:
■ For local user passwords, the settings in local user view override those in system
view unless the former are not provided.
■ For super passwords, the separate settings for super password override those in
system view unless the former are not provided.
After password aging is enabled, the device will decide whether the user password
ages out when a user logging into the system is undergoing the password
authentication. This has three cases:
1 The password has not expired. The user logs in before the configured alert time. In
this case, the user logs in successfully.
2 The password has not expired. The user logs in after the configured alert time. In
this case, the system alerts the user to the remaining time (in days) for the
password to expire and prompts the user to change the password.
■ If the user chooses to change the password and changes it successfully, the
system records the new password, restarts the password aging, and allows the
user to log in at the same time.
■ If the user chooses not to change the password, the system allows the user to
log in. If the user chooses to change the password but fails in modification, the
system logs out the user after the maximum number of attempts is reached.
3 The password has already expired. In this case, the system alerts the user to the
expiration, requires the user to change the password, and requires the user to
change the password again if the user inputs an inappropriate password or the
two input passwords are inconsistent.
c
CAUTION:
■ You can configure the password aging time when password aging is not yet
enabled, but these configured parameters will not take effect.
■ After the user changes the password successfully, the switch saves the old
password in a readable file in the flash memory.
■ The switch does not provide the alert function for FTP passwords. And when an
FTP user logs in with a wrong password, the system just informs the user of the
password error, and it does not allow the user to change the password.
Configuring the
Limitation of Minimum
Password Length
This function is used to enable the switch to check the password length when a
password is configured. If the switch finds the length of the input password does
not meet the limitation, it informs the user of this case and requires the user to
input a new password.
Tabl e 410 Configure the limitation of the minimum password length
Operation Command Description
Enter system view system-view -
To Next Page
Loading...
