200
To do… Use the command…
Remarks
Specify the maximum number of
login attempts and the action to be
taken when a user fails to log in
after the specified number of
attempts
password-control login-attempt
login-times [ exceed { lock | unlock
| lock-time time | unlock } ]
Optional
By default, the maximum number
of login attempts is 3 and a user
failing to log in after the specified
number of attempts must wait for
one minute before trying again.
Set the number of days during
which the user is warned of the
pending password expiration
password-control
alert-before-expire alert-time
Optional
7 days by default
Set the maximum number of days
and maximum number of times that
a user can log in after the
password expires
password-control
expired-user-login delay delay
times times
Optional
By default, a user can log in three
times within 30 days after the
password expires.
Set the authentication timeout time
password-control
authentication-timeout
authentication-timeout
Optional
60 seconds by default
Set the maximum account idle time
password-control login idle-time
idle-time
Optional
90 days by default
CAUTION:
The action specified the password-control login-attempt command takes effect immediately and affects
the users already in the password control blacklist. Other password control configurations take effect only
for users logging in later and passwords configured later.
Setting user group password control parameters
Follow these steps to set password control parameters for a user group:
To do… Use the command…
Remarks
Enter system view system-view —
Create a user group and enter user
group view
user-group group-name —
Configure the password aging
time for the user group
password-control aging aging-time
Optional
By default, the aging time of the
user group is the same as the
global password aging time.
Configure the minimum password
length for the user group
password-control length length
Optional
By default, the minimum password
length of the user group is the
same as the global minimum
password length.
Configure the password
composition policy for the user
group
password-control composition
type-number type-number
[ type-length type-length ]
Optional
By default, the password
composition policy of the user
group is the same as the global
password composition policy.
To Next Page
Loading...
