beautypg.com

Setting global password control parameters – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 267

background image

253

Setting global password control parameters

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set the password aging time. password-control aging aging-time

Optional.
90 days by default.

3.

Set the minimum password
update interval.

password-control password
update interval interval

Optional.
24 hours by default.

4.

Set the minimum password
length.

password-control length length

Optional.
10 characters by default.

5.

Configure the password
composition policy.

password-control composition
type-number policy-type

[ type-length type-length ]

Optional.
By default, the minimum number of

password composition types is 1
and the minimum number of

characters of a password

composition type is 1 too.

6.

Configure the password

complexity checking policy.

password-control complexity
{ same-character | user-name }
check

Optional.
By default, the system does not

perform password complexity
checking.

7.

Set the maximum number of

history password records for
each user.

password-control history
max-record-num

Optional.
4 by default.

8.

Specify the maximum number
of login attempts and the

action to be taken when a
user fails to log in after the

specified number of attempts.

password-control login-attempt
login-times [ exceed { lock | unlock

| lock-time time | unlock } ]

Optional.
By default, the maximum number
of login attempts is 3 and a user

failing to log in after the specified

number of attempts must wait for

one minute before trying again.

9.

Set the number of days during
which the user is warned of

the pending password
expiration.

password-control
alert-before-expire alert-time

Optional.
7 days by default.

10.

Set the maximum number of

days and maximum number
of times that a user can log in

after the password expires.

password-control
expired-user-login delay delay

times times

Optional.
By default, a user can log in three
times within 30 days after the

password expires.

11.

Set the authentication timeout
time.

password-control
authentication-timeout

authentication-timeout

Optional.
60 seconds by default.

12.

Set the maximum account idle
time.

password-control login idle-time
idle-time

Optional.
90 days by default.