3com 4210 PWR 9-Port 3CR17341-91-ME User Manual
Product codes
3CR17341-91-ME
Password Control Configuration
557
■
■
■
■
■
After the above configuration, you can execute the display password-control
command in any view to check the information about the password control for all
users, including the enabled/disabled state of password aging, the aging time,
enabled/disabled state of password composition policy, minimum number of types
that a password should contain, minimum number of characters of each type, the
enabled/disabled state of history password recording, the maximum number of
history password records, the alert time before password expiration, the timeout
time for password authentication, the maximum number of attempts, and the
processing mode for login attempt failures.
command in any view to check the information about the password control for all
users, including the enabled/disabled state of password aging, the aging time,
enabled/disabled state of password composition policy, minimum number of types
that a password should contain, minimum number of characters of each type, the
enabled/disabled state of history password recording, the maximum number of
history password records, the alert time before password expiration, the timeout
time for password authentication, the maximum number of attempts, and the
processing mode for login attempt failures.
If the password attempts of a user fail for several times, the system adds the user
to the blacklist. You can execute the display password-control blacklist
command in any view to check the names and the IP addresses of such users.
to the blacklist. You can execute the display password-control blacklist
command in any view to check the names and the IP addresses of such users.
Configuring Password
Aging
n
In this section, you must note the effective range of the same commands when
executed in different views or to different types of passwords:
executed in different views or to different types of passwords:
■
Global settings in system view apply to all local user passwords and super
passwords.
passwords.
Table 409 Configure password aging
Operation
Command
Description
Enter system view
system-view
-
Enable password aging
password-control aging enable Optional
By default, password aging is
enabled.
enabled.
Configure a password
aging time globally
aging time globally
password-control aging
aging-time
aging-time
Optional
By default, the aging time is
90 days.
90 days.
Configure a password
aging time for a super
password
aging time for a super
password
password-control super aging
aging-time
aging-time
Optional
By default, the aging time is
90 days.
90 days.
Enable the system to alert
users to change their
passwords when their
passwords will soon expire,
and specify how many
days ahead of the
expiration the system alerts
the users.
users to change their
passwords when their
passwords will soon expire,
and specify how many
days ahead of the
expiration the system alerts
the users.
password-control
alert-before-expire alert-time
alert-before-expire alert-time
Optional
By default, users are alerted
seven days ahead of the
password expiration.
seven days ahead of the
password expiration.
Create a local user or enter
local user view
local user view
local-user user-name
-
Configure a password
aging time for the local
user
aging time for the local
user
password-control aging
aging-time
aging-time
Optional
By default, the aging time is
90 days.
90 days.