3com 4500 50-PORT User Manual
448
C
HAPTER
13: C
ONFIGURING
P
ASSWORD
C
ONTROL
View
System view
Parameter
■
aging-time: Password aging time. It ranges from 1 day to 365 days and
defaults to 90 days.
defaults to 90 days.
■
length: Minimum password length. It ranges from 4 characters to 32
characters and defaults to 10 characters.
characters and defaults to 10 characters.
■
login-times: Login attempt times allowed for each user. It ranges from 2 to 10
and defaults to 3.
and defaults to 3.
■
max-record-num: Maximum number of history records allowed for each user. It
ranges from 2 to 10 and defaults to 4.
ranges from 2 to 10 and defaults to 4.
■
alert-time: Alert time. When the remaining usable time of a password is no
more than this time, the user is alerted to the forthcoming password
expiration. It ranges from 1 day to 30 days and defaults to 7 days.
more than this time, the user is alerted to the forthcoming password
expiration. It ranges from 1 day to 30 days and defaults to 7 days.
■
authentication-timeout: Timeout time for user authentication. It ranges from
30 seconds to 120 seconds and defaults to 60 seconds.
30 seconds to 120 seconds and defaults to 60 seconds.
■
exceed: Used to configure the procession mode used after login failures.
■
lock: A procession mode. In this mode, a login-failure user is added to the
blacklist and inhibited from re-login; only after the administrator manually
remove this user from the blacklist, this user is allowed to log in the switch
again.
blacklist and inhibited from re-login; only after the administrator manually
remove this user from the blacklist, this user is allowed to log in the switch
again.
■
locktime time: A procession mode. In this mode, a login-failure user is inhibited
from login in a certain time period, which ranges from 3 to 360 minutes and
defaults to 120 minutes; only after this time passes, the user is allowed to log
in the switch again.
from login in a certain time period, which ranges from 3 to 360 minutes and
defaults to 120 minutes; only after this time passes, the user is allowed to log
in the switch again.
■
unlock: A procession mode. In this mode, a login-failure user is allowed to log
in the switch again and again without any inhibition.
in the switch again and again without any inhibition.
By default, the system operates in locktime mode after a password
authentication fails.
authentication fails.
Description
Use the
password-control aging aging-time
command to configure an aging
time for system login passwords.
Use the
password-control length length
command to configure the minimum
password length for the system login passwords.
Use the
password-control login-attempt login-times
command to configure
the maximum password attempt times allowed for each user.
Use the
password-control history max-record-num
command to configure
the maximum number of history password records allowed for each user.
Use the
password-control alert-before-expire alert-time
command to
configure the alert time, that is, the number of days when users are alerted ahead
of their password expiration.
of their password expiration.