beautypg.com

Mac authentication configuration examples, Local mac authentication configuration example, Setting super password control parameters – H3C Technologies H3C S12500-X Series Switches User Manual

Page 126: Displaying and maintaining password control

background image

114

Step Command

Remarks

7.

Specify the maximum number
of login attempts and the

action to be taken for the local

user when the user fails to log
in after the specified number

of attempts.

password-control login-attempt
login-times [ exceed { lock |
lock-time time | unlock } ]

By default, the settings equal those
for the user group to which the
local user belongs. If no

login-attempt policy is configured

for the user group, the global
settings apply to the local user.

82B

Setting super password control parameters

The super password allows you to obtain a temporary user role without reconnecting to the device. For

more information, see Fundamentals Configuration Guide.
To set super password control parameters:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set the password expiration
time for super passwords.

password-control super aging

aging-time

The default setting is 90 days.

3.

Configure the minimum length
for super passwords.

password-control super length

length

In non-FIPS mode, the default
setting is 10 characters.

In FIPS mode, the default setting

is 15 characters.

4.

Configure the password

composition policy for super
passwords.

password-control super
composition type-number

type-number [ type-length
type-length ]

In non-FIPS mode, a default

super password must contain at

least one character type and at
least one character for each

type.

In FIPS mode, a default super

password must contain at least

four character types and at

least one character for each
type.

83B

Displaying and maintaining password control

Execute display commands in any view and reset commands in user view.

Task Command

Display password control configuration.

display password-control [ super ]

Display information about users in the
password control blacklist.

display password-control blacklist [ user-name name | ip
ipv4-address | ipv6 ipv6-address ]

Delete users from the password control
blacklist.

reset password-control blacklist [ user-name name ]

Clear history password records.

reset password-control history-record [ user-name name |
super [ role role name ] ]

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: