beautypg.com

How to set strong passwords – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 38

background image

Getting Started

Software Reference for x310 Series Switches

1.14

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

How to Set Strong Passwords

The password security rules are disabled by default. To set password security rules for
users with administrative rights, or privilege level 15, enter Global Configuration mode.

You can then either specify whether the user is forced to change an expired password at
the next login, or specify whether the user is not allowed to login with an expired
password. You will need to specify a password lifetime greater than 0 before selecting
either of these features. Note that the security-password forced-change and the security-
password reject-expired-pwd commands cannot be enabled concurrently.

Password lifetime

Enter the following command to specify the password lifetime in days:

Note that the value 0 will disable lifetime functionality and passwords will never expire. If
lifetime functionality is disabled, the security-password forced-change command and
the security-password warning command are also disabled.

Password forced

change

To specify that a user is forced to change an expired password at the next login, enter the
following command:

If the security-password forced-change command is enabled, users with expired
passwords are forced to change to a password that must comply with the current
password security rules at the next login.

Reject expired

password

To specify that a user is not allowed to login with an expired password, enter the following
command:

If the security-password reject-expired-pwd command is enabled, users with expired
passwords are rejected at login. Users then have to contact the Network Administrator to
change their password.

Use other password security rules to further configure password security settings.

Password warning

To specify the number of days before the password expires that the user will receive a
warning message specifying the remaining lifetime of the password, enter the command:

The value 0 will disable warning functionality and the warning period must be less than,
or equal to, the password lifetime.

awplus(config)#

security-password lifetime <0-1000>

awplus(config)#

security-password forced-change

awplus(config)#

security-password reject-expired-pwd

Caution

Once all users’ passwords are expired you are unable to login to the device
again if the security-password reject-expired-pwd command has been
executed. You will have to reboot the device with a default configuration
file, or load an earlier software version that does not have the security
password feature.
We recommend you never have the command line “security-password
reject-expired-pwd” in a default config file.

awplus(config)#

security-password warning <0-1000>

See also other documents in the category Allied Telesis Computer hardware: