beautypg.com

Setting super password control parameters, Displaying and maintaining password control – H3C Technologies H3C S6300 Series Switches User Manual

Page 184

background image

169

Step Command

Remarks

7.

Specify the maximum number
of login attempts and the

action to be taken for the local

user when the user fails to log
in after the specified number

of attempts.

password-control login-attempt
login-times [ exceed { lock |
lock-time time | unlock } ]

By default, the settings equal those
for the user group to which the
local user belongs. If no

login-attempt policy is configured

for the user group, the global
settings apply to the local user.

Setting super password control parameters

The super password allows you to obtain a temporary user role without reconnecting to the device. For

more information about passwords for user roles, see Fundamentals Configuration Guide.
To set super password control parameters:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set the password expiration
time for super passwords.

password-control super aging

aging-time

The default setting is 90 days.

3.

Configure the minimum length
for super passwords.

password-control super length

length

In non-FIPS mode, the default
setting is 10 characters.

In FIPS mode, the default setting

is 15 characters.

4.

Configure the password

composition policy for super
passwords.

password-control super
composition type-number

type-number [ type-length
type-length ]

In non-FIPS mode, by default, a

super password must contain at

least one character type and at
least one character for each

type.

In FIPS mode, by default, a

super password must contain at

least four character types and

at least one character for each
type.

Displaying and maintaining password control

Execute display commands in any view and reset commands in user view.

Task Command

Display password control configuration.

display password-control [ super ]

Display information about users in the
password control blacklist.

display password-control blacklist [ user-name name | ip
ipv4-address | ipv6 ipv6-address ]

Delete users from the password control
blacklist.

reset password-control blacklist [ user-name name ]

Clear history password records.

reset password-control history-record [ user-name name |
super [ role role name ] ]

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: