247
Task Command
Display password control configuration.
display password-control
[
super
]
Display information about users in the
password control blacklist.
display password-control blacklist
[
user-name
user-name
|
ip
ipv4-address |
ipv6
ipv6-address ]
Delete users from the password control
blacklist.
reset password-control blacklist
[
user-name
user-name ]
Clear history password records.
reset password-control history-record
[
user-name
user-name |
super
[
role
role name ] ]
NOTE:
The reset password-control history-record command can delete the history password records o
one or all users even when the password history feature is disabled.
Password control configuration example
Network requirements
Configure a global password control policy to meet the following requirements:
• A password must contain a minimum of 16 characters.
• A password must contain a minimum of four character types and a minimum of four characters
for each type.
• An FTP or VTY user failing to provide the correct password in two successive login attempts is
permanently prohibited from logging in.
• A user can log in five times within 60 days after the password expires.
• A password expires after 30 days.
• The minimum password update interval is 36 hours.
• The maximum account idle time is 30 days.
• A password cannot contain the username or the reverse of the username.
• No character appears consecutively three or more times in a password.
Configure a super password control policy for user role network-operator to meet the following
requirements:
• A super password must contain a minimum of 24 characters.
• A super password must contain a minimum of four character types and a minimum of five
characters for each type.
Configure a password control policy for local Telnet user test to meet the following requirements:
• The password must contain a minimum of 24 characters.
• The password must contain a minimum of four character types and a minimum of five
characters for each type.
• The password for the local user expires after 20 days.
Configuration procedure
# Enable the password control feature globally.
<Sysname> system-view
[Sysname] password-control enable
To Next Page
Loading...
Need help?
General