beautypg.com

Password history, Setting passwords to expire – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 42

background image

24

Multi-Service IronWare Security Configuration Guide

53-1003035-02

Enabling strict password enforcement

1

Also, if the user tries to configure a password that was previously configured, the local user account
configuration is not allowed and the following message is displayed.

Error - This password was used earlier, please choose a different password.

When you create a password, the characters you type are masked.

Example : To assign a password for a user account.

Brocade(config)# username sandy password [Enter]

Enter new password: ********

Syntax: [no] username name password

Enter a password such as TesT12$! that contains the required character combination.

NOTE

If enable strict-password-enforcement is enabled, when a user is logged in and is attempting to
change their own user password, the following prompt is displayed: Enter old password. After
validating the old password, the following prompt is displayed: Enter new password.

Password history

If the enable strict-password-enforcement command is enabled, the CLI keeps the last 15
passwords used by the user. A user is prevented from changing the password to one that has
already been used.

Setting passwords to expire

If the enable strict-password-enforcement command is enabled, passwords can be set to expire,
early warning periods can be configured, and grace login reset attempts can be configured.

To configure a user password to expire, enter the following.

Brocade(config)# enable strict-password-enforcement

Brocade(config)# username sandy expires 20

Syntax: [no] username name expires days

The name variable specifies the user that the expiration time is applied to.

The days variable specifies the number of day before the password will expire. The following values
can be used 1 – 365 days. The default is 90 days.

NOTE

The enable strict-password-enforcement command must be enabled before this command is
configured. Otherwise, the following message will be displayed: “Password expire time is
enabled only if strict-password-enforcement is set.”

If the enable strict-password-enforcement command is enabled, the administrator can configure
an early warning period to warn users for a particular number of days prior to their password
expiring.

To configure the early warning period for password expiration, enter the following:

Brocade(config)# enable strict-password-enforcement expiration

early-warning-period 5

See also other documents in the category Brocade Computer Accessories: