User Account and Password Management
5-2 Setting User Accounts and Passwords
• The switch is capable of ensuring that the password does not contain, repeat, or reverse the
associated Username.
• The switch is capable of specifying whether multiple accounts can share the same password.
(See “set system password allow-duplicates” on page 5-13.)
• The switch is capable of specifying the minimum number of characters required for
passwords (see “set system password length” on page 5-13).
• The switch is capable of specifying whether the same character may appear consecutively in
the same password (see “set system password allow-repeatingchars” on page 5-13).
• The switch is capable of setting a configurable minimum number of characters of a specific
type that must be present in a user account password. The following types are supported (see
“set system password min-requiredchars” on page 5-13):
– Upper case characters (default 0)
– Lower case characters (default 0)
– Numeric characters (default 0)
– Special characters (default 0)
The set of special characters recognized by this command is: ! @ # $ % ^ & * () ? = [ ] \ ; ? , ./ `.
• Aging of system passwords
– The switch is capable of defining a system-wide default for password aging (see “set
system password aging” on page 5-13).
– The switch is capable of setting the password aging interval on a per-user basis (see “set
system login aging” on page 5-6).
– The switch is capable of notifying the user at login that their password will expire in a
given number of days (see “set system password warning-period” on page 5-13).
– The switch notifies the user upon password expiration, but allows a specified additional
number of subsequent logins (1 to 3) within a specified time period (1 to 30 days) before
requiring a new password (see “set system password grace-period and grace-limit” on
page 5-13).
• The system logs all password changes.
• The switch displays the following information upon successful access to the switch:
– The date and time of the administrator's or user's last successful access to the switch.
– The number of unsuccessful attempts by that Username to gain access to the switch (due
to a mistyped password, for example) since the last successful access by that Username.
– Notification of an expired or expiring password, if configured.
• The switch allows you to specify whether a password is required at the time of user account
creation (see “set system password require-at-creation” on page 5-13).
– If the option is enabled, the “set system login” command will interactively prompt for a
password upon creation of a new user account.
It will be as if a “set password
username” command was implicitly executed. The new
account will not be successfully created until a valid password has been specified.
• The switch allows you to specify the length of any substring present in previous account
passwords that may not be used in a new password (see “set system password substring-
match-len” on page 5-13).
– Requires a non-zero history length.
To Next Page
Loading...
Need help?
General