Configuring mac authentication timers, Fips compliance, Password control configuration task list – H3C Technologies H3C S12500-X Series Switches User Manual
Page 122: Enabling password control, Logging
110
218B
Logging
The system logs all successful password changing events and user adding events to the password control
blacklist.
76B
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,
commands, and parameters might differ in FIPS mode (see "
816H
Configuring FIPS
") and non-FIPS mode.
77B
Password control configuration task list
The password control functions can be configured in several different views, and different views support
different functions. The settings configured in different views or for different objects have the following
application ranges:
•
Settings for super passwords apply to only super passwords.
•
Settings in local user view apply to only the password of the local user.
•
Settings in user group view apply to the passwords of the local users in the user group if you do not
configure password policies for these users in local user view.
•
Global settings in system view apply to the passwords of the local users in all user groups if you do
not configure password policies for these users in both local user view and user group view.
For local user passwords, the settings with a smaller application scope have higher priority.
To configure password control, perform the following tasks:
Tasks at a glance
(Required.)
817H
Enabling password control
(Optional.)
818H
Setting global password control parameters
(Optional.)
819H
Setting user group password control parameters
(Optional.)
820H
Setting local user password control parameters
(Optional.)
821H
Setting super password control parameters
78B
Enabling password control
To successfully enable the global password control feature and allow device management users to log in
to the device, the device must have sufficient storage space.
Enabling the global password control feature is the prerequisite for all password control configurations
to take effect. Then, for a specific password control function to take effect, enable this password control
function.
After the global password control feature is enabled, you cannot display the password and super
password configurations for device management users by using the corresponding display commands.
However, the configuration for network access user passwords can be displayed. The first password
configured for device management users must contain at least four different characters.