Enabling password restrictions, Setting the maximum number of login attempts – 3Com WX4400 3CRWX440095A User Manual

Configuring Passwords

67

Enabling Password

Restrictions

To activate password restrictions for network and administrative users,
use the

following command:

set authentication password-restrict {enable | disable}

When this command is enabled, the following password restrictions take
effect:

„

Passwords must be a minimum of 10 characters in length, and a
mix of

uppercase letters, lowercase letters, numbers, and special

characters, including at least two of each (for example, Tre%Pag32!).

„

A user cannot reuse any of his or her 10 previous passwords (not
applicable to

network users).

„

When a user changes his or her password, at least 4 characters
must be

different from the previous password.

„

The password restrictions are disabled by default. When you enable
them, MSS evaluates the passwords configured on the WX and
displays a list of users whose password does not meet the restriction
on length and character types.

For example, to enable password restrictions on the WX switch, type the
following command:

WX# set authentication password-restrict enable
warning: the following users have passwords that do not have
at least 2 each of upper-case letters, lower-case letters,
numbers and special characters -
dan
admin
user1
user2
goofball
dang
success: change accepted.

Setting the Maximum

Number of Login

Attempts

To specify the maximum number of login attempts users can make before
being locked out of the system, use the following command:

set authentication max-attempts number

For Telnet or SSH sessions, a maximum of 4 failed login attempts are
allowed by default. For console or network sessions, an unlimited number
of failed login attempts are allowed by default.