562 CHAPTER 49: PASSWORD CONTROL CONFIGURATION OPERATIONS
Configuring the
Password
Authentication Timeout
Time
When the local/remote server receives the user name, the authentication starts;
when the user authentication is completed, the authentication ends. Whether the
user is authenticated on the local server or on a remote server is determined by the
related AAA configuration.
If a password authentication is not completed before the authentication timeout
expires, the authentication fails, and the system terminates the connection and
makes some logging.
If a password authentication is completed within the authentication timeout time,
the user will log into the switch normally.
Configuring Password
Composition Policies
A password can be combination of characters from the following four categories:
letters A to Z, a to z, number 0 to 9, and 32 special characters of space and
~‘!@#$%^&*()_+-={}|[]:";’<>,./.
Depending on the system security requirements, the administrator can set the
minimum number of categories a password should contain and the minimum
number of characters in each category.
Password combination falls into four levels: 1, 2, 3, and 4, each representing the
number of categories that a password should at least contain. Level 1 means that
a password must contain characters of one category, level 2 at least two
categories, level 3 three categories, and level 4 four categories.
When you set or modify a password, the system will check if the password satisfies
the component requirement. If not, an error message will occur.
Tabl e 415 Manually remove one or all user entries in the blacklist
Operation Command Description
Delete one specific or all
user entries in the blacklist
reset password-control
blacklist [ user-name
user-name ]
Executing this command without
the user-name user-name
option removes all the user
entries in the blacklist.
Executing this command with
the user-name user-name
option removes the specified
user entry in the blacklist.
Tabl e 416 Configure the timeout time for users to be authenticated
Operation Command Description
Enter system view system-view -
Configure the timeout
time for users to be
authenticated
password-control
authentication-timeout
authentication-timeout
Optional
By default, it is 60 seconds.
Tabl e 417 Configure password composition policy
Operation Command Description
Enter system view system-view -
To Next Page
Loading...
