Password control configuration example, Network requirements, Configuration procedure – H3C Technologies H3C S12500-X Series Switches User Manual

Page 127

Advertising
background image

115

NOTE:

The reset password-control history-record command can delete the history password records of one or
all users even when the password history function is disabled.

84B

Password control configuration example

219B

Network requirements

Configure a global password control policy to meet the following requirements:

A password must contain at least 16 characters.

A password must contain at least four character types and at least one character for each type.

An FTP or VTY user failing to provide the correct password in two successive login attempts is
permanently prohibited from logging in.

A user can log in 5 times within 60 days after the password expires.

A password expires after 30 days.

The minimum password update interval is 36 hours.

The maximum account idle time is 30 days.

A password cannot contain the username or the reverse of the username.

No character appears consecutively three or more times in a password.

Configure a super password control policy for user role network-operator to meet the following

requirements:

A super password must contain at least 21 characters.

A super password must contain at least four character types and at least five characters for each
type.

Configure a password control policy for the local Telnet user test to meet the following requirements:

The password must contain at least 21 characters.

The password must contain at least four character types and at least five characters for each type.

The password for the local user expires after 20 days.

220B

Configuration procedure

# Enable the password control feature globally.

<Sysname> system-view

[Sysname] password-control enable

# Prohibit the user from ever logging in again after two successive login failures.

[Sysname] password-control login-attempt 2 exceed lock

# Set all passwords to expire after 30 days.

[Sysname] password-control aging 30

# Globally set the minimum password length to 16 characters.

[Sysname] password-control length 16

# Set the minimum password update interval to 36 hours.

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals