beautypg.com

Configuration procedure – H3C Technologies H3C SecBlade LB Cards User Manual

Page 108

background image

97

No character occurs consecutively three or more times in a password.

Implement the following super password control policy:

A super password must contain at least three types of valid characters, five or more of characters
each type.

Implement the following password control policy for local Telnet user test:

The password must contain at least 12 characters.

The password must consist of at least two types of valid characters, five or more of each type.

The password aging time is 20 days.

Configuration procedure

# Enable the password control feature globally.

system-view

[LB] password-control enable

# Prohibit the user from logging in forever after two successive login failures.

[LB] password-control login-attempt 2 exceed lock

# Set the password aging time to 30 days for all passwords.

[LB] password-control aging 30

# Set the minimum password update interval to 36 hours.

[LB] password-control password update interval 36

# Specify that a user can log in five times within 60 days after the password expires.

[LB] password-control expired-user-login delay 60 times 5

# Set the maximum account idle time to 30 days.

[LB] password-control login idle-time 30

# Refuse any password that contains the username or the reverse of the username.

[LB] password-control complexity user-name check

# Specify that no character of the password can be repeated three or more times consecutively.

[LB] password-control complexity same-character check

# Specify that a super password must contain at least three types of characters and each type must
contain at least five characters.

[LB] password-control super composition type-number 3 type-length 5

# Configure a super password.

[LB] super password level 3 simple 12345ABGFTweuix

# Create a local user named test.

[LB] local-user test

# Set the service type of the user to Telnet.

[LB-luser-test] service-type telnet

# Set the minimum password length to 12 for the local user.

[LB-luser-test] password-control length 12

# Specify that the password of the local user must contain at least two types of characters and each type
must contain at least five characters.

[LB-luser-test] password-control composition type-number 2 type-length 5

# Set the password aging time to 20 days for the local user.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: