Current login passwords of device management users are not stored in the password history. This is
because a device management user password is saved in cipher text and cannot be recovered to a
plaintext password.
User login control
First login
With the global password control feature enabled, users must change the password at first login
before they can access the system. In this situation, password changes are not subject to the
minimum change interval.
Login attempt limit
Limiting the number of consecutive failed login attempts can effectively prevent password guessing.
Login attempt limit takes effect on FTP and VTY users. It does not take effect on the following types
of users:
• Nonexistent users (users not configured on the device).
• Web users.
• Users logging in to the device through console or AUX ports.
If a user fails to log in with a user account after making the maximum number of consecutive
attempts, login attempt limit performs the following actions:
• Adds the user account and the user's IP address to the password control blacklist. This account
is locked only for this user. Other users can still use this account, and the blacklisted user can
use other user accounts.
• Limits the user and user account in any of the following ways:
  ◦ Disables the user account until the account is manually removed from the password control
    blacklist.
  ◦ Allows the user to continue using the user account. The user's IP address and user account
    are removed from the password control blacklist when the user uses this account to
    successfully log in to the device.
  ◦ Disables the user account for a period of time.
    The user can use the account to log in when either of the following conditions exists:
    − The locking timer expires.
    − The account is manually removed from the password control blacklist before the locking
      timer expires.
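The following Python model is an added illustration of the blacklist behavior described above, not code from the device or its vendor. It shows that an entry locks one (user account, IP address) pair rather than the whole account, and how the three actions differ. The class name, the mode labels, and the sample addresses are assumptions made for this example.

```python
# Added illustration: a model of the behavior described above, not device code.
from dataclasses import dataclass, field

# Labels chosen for this example for the three actions listed in the text.
LOCK, LOCK_TIME, UNLOCK = "lock", "lock-time", "unlock"

@dataclass
class LoginAttemptLimit:
    max_attempts: int
    action: str
    lock_seconds: int = 0
    failures: dict = field(default_factory=dict)   # (account, ip) -> consecutive failures
    blacklist: dict = field(default_factory=dict)  # (account, ip) -> time the entry was added

    def is_locked(self, account, ip, now):
        added = self.blacklist.get((account, ip))
        if added is None or self.action == UNLOCK:
            return False                   # not blacklisted, or blacklisted but still allowed
        if self.action == LOCK_TIME and now - added >= self.lock_seconds:
            self.remove(account, ip)       # the locking timer expired
            return False
        return True                        # LOCK, or LOCK_TIME with the timer still running

    def remove(self, account, ip):
        """Manual removal of an entry from the blacklist."""
        self.blacklist.pop((account, ip), None)
        self.failures.pop((account, ip), None)

    def attempt(self, account, ip, password_ok, now):
        """Return 'ok', 'failed' or 'locked' for one login attempt."""
        key = (account, ip)
        if self.is_locked(account, ip, now):
            return "locked"                # refused even if the password is correct
        if password_ok:
            self.remove(account, ip)       # a successful login clears the entry
            return "ok"
        self.failures[key] = self.failures.get(key, 0) + 1
        if self.failures[key] >= self.max_attempts and key not in self.blacklist:
            self.blacklist[key] = now      # account + IP address go on the blacklist
        return "failed"

if __name__ == "__main__":
    # Constructed scenario: three failures from one address, then correct passwords.
    limit = LoginAttemptLimit(max_attempts=3, action=LOCK_TIME, lock_seconds=60)
    for t in range(3):
        limit.attempt("admin", "192.0.2.10", False, now=t)
    print(limit.attempt("admin", "192.0.2.10", True, now=10))    # same pair
    print(limit.attempt("admin", "198.51.100.7", True, now=10))  # same account, other IP
    print(limit.attempt("admin", "192.0.2.10", True, now=62))    # after the timer expires
```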
Maximum account idle time
You can set the maximum account idle time for user accounts. When an account is idle for this period
of time since the last successful login, the account becomes invalid.
Password not displayed in any form
For security purposes, nothing is displayed when a user enters a password.
Logging
The system logs all successful password changes and all additions of users to the password
control blacklist.