Setting global password control parameters – H3C Technologies H3C SecPath F1000-E User Manual
Page 261
251
To enable password control:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enable the password control
feature.
password-control enable
Disabled by default.
3.
Enable a password control
function individually.
password-control { aging |
composition | history | length }
enable
Optional.
All of the four password control
functions are enabled by default.
NOTE:
After global password control is enabled, local user passwords configured on the firewall are not
displayed when you use the corresponding display command.
Setting global password control parameters
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Set the password aging time. password-control aging aging-time
Optional.
90 days by default.
3.
Set the minimum password
update interval.
password-control password
update interval interval
Optional.
24 hours by default.
4.
Set the minimum password
length.
password-control length length
Optional.
10 characters by default.
A password must contain at least
eight characters.
5.
Configure the password
composition policy.
password-control composition
type-number policy-type
[ type-length type-length ]
Optional.
By default, the minimum number of
password composition types is 1
and the minimum number of
characters of a password
composition type is 1 too.
In FIPS mode, a password must
contain four types of characters.
6.
Configure the password
complexity checking policy.
password-control complexity
{ same-character | user-name }
check
Optional.
By default, the system does not
perform password complexity
checking.
7.
Set the maximum number of
history password records for
each user.
password-control history
max-record-num
Optional.
4 by default.