Cisco Cisco ASR 5000
Global Configuration Mode Commands (L-S)
local-user password ▀
Command Line Interface Reference, StarOS Release 18 ▄
5441
[ history length number [ duration days ] ]
Default: length is 5
Specifies the number of previous password entries kept in the history list maintained by the system. A
password cannot be reused if it is one of the entries kept in the history list unless the time it was last used was
more than the number of days specified by the
Specifies the number of previous password entries kept in the history list maintained by the system. A
password cannot be reused if it is one of the entries kept in the history list unless the time it was last used was
more than the number of days specified by the
duration
keyword.
If the duration keyword is not used, the only check performed by the system is that it is not in the history list.
number
is the number of entries for each account stored in the history list entered as an integer from 1
through 100.
days
is the number of days during which a password can not be reused entered an integer from
1 through 365.
[ max-age days ]
Default: 90
Specifies the maximum age for a password. Users logging in with a password older than the specified limit
are locked out. Once the lockout period expires, at their next login attempt, they are prompted to change their
password before accessing the CLI.
Specifies the maximum age for a password. Users logging in with a password older than the specified limit
are locked out. Once the lockout period expires, at their next login attempt, they are prompted to change their
password before accessing the CLI.
Important:
Local-user accounts can be configured to either enforce or reject a lockout due to a password’s
maximum age being reached. Refer to the
local-user username
command for more information.
days
is the number of days that passwords remain valid entered as an integer from 1 through 365.
[ min-change-char number ]
Default: 2
Specifies the minimum number of characters that must be changed (in comparison to the current password)
when a user changes their password.
Specifies the minimum number of characters that must be changed (in comparison to the current password)
when a user changes their password.
Important:
Changes in password length are counted as “character” changes. For example: changing a password
from “password” to “passwo” is a 2-character change, changing a password from “password” to “password2” is a 1-
character change, and changing a password from “password” to “apassword” is a 9-character change.
character change, and changing a password from “password” to “apassword” is a 9-character change.
number
is the number of characters entered as an integer from 0 through 16.
[ min-change-interval days ]
Default: 1
Specifies the frequency that passwords can be changed (other than first login).
Specifies the frequency that passwords can be changed (other than first login).
days
is the minimum number of days that must pass before a user can change their password. It is an integer
from 1 through 365.
Important:
If the
no local-user password min-change-interval
command is used, users may change
their password as often as desired which could allow them to circumvent the password history function.
[ min-length number ]
Default: 8
Specifies the minimum length allowed for user-defined password.
Specifies the minimum length allowed for user-defined password.
number
is the minimum number of alphanumeric characters that the password must contain, entered as an
integer from 3 through 32.