Setting global password control parameters – H3C Technologies H3C S12500-X Series Switches User Manual

Page 123

Advertising
background image

111

To enable password control:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable the global password
control feature.

password-control enable

In non-FIPS mode, by default,
the global password control

feature is disabled.

In FIPS mode, the global

password control feature is

enabled and cannot be

disabled.

3.

(Optional.) Enable a specific

password control function.

password-control { aging |
composition | history | length }
enable

By default, all four password
control functions are enabled.

79B

Setting global password control parameters

The password expiration time, minimum password length, and password composition policy can be

configured in system view, user group view, or local user view. The password settings with a smaller

application scope have higher priority. Global settings in system view apply to the passwords of the local
users in all user groups if you do not configure password policies for these users in both local user view

and user group view.
The password-control login-attempt command takes effect immediately and can affect the users already

in the password control blacklist. Other password control configurations do not take effect on users that
have been logged in or passwords that have been configured.
To set global password control parameters:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set the password expiration
time.

password-control aging aging-time The default setting is 90 days.

3.

Set the minimum password
update interval.

password-control update interval

interval

The default setting is 24 hours.

4.

Set the minimum password
length.

password-control length length

In non-FIPS mode, the default
setting is 10 characters.

In FIPS mode, the default length
is 15 characters.

5.

Configure the password

composition policy.

password-control composition
type-number type-number

[ type-length type-length ]

In non-FIPS mode, a default

password must contain at least

one character type and at least
one character for each type.

In FIPS mode, a default

password must contain at least
four character types and at

least one character for each

type.

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals