R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

194

Ste

p

Command

Remarks

7. Set the maximum number of

history password records for

each user.

password-control history

max-record-num

Optional.

4 by default.

8. Specify the maximum number

of login attempts and the

action to be taken when a

user fails to log in after the

specified number of attempts.

password-control login-attempt

login-times [ exceed { lock |

lock-time time | unlock } ]

Optional.

By default, the maximum number

of login attempts is 3 and a user

failing to log in after the specified

number of attempts must wait for 1

minute before trying again.

9. Set the number of days during

which the user is warned of

the pending password

expiration.

password-control

alert-before-expire alert-time

Optional.

7 days by default.

10. Set the maximum number of

days and maximum number

of times that a user can log in

after the password expires.

password-control

expired-user-login delay delay

times times

Optional.

By default, a user can log in three

times within 30 days after the

password expires.

11. Set the authentication timeout

time.

password-control

authentication-timeout

authentication-timeout

Optional.

60 seconds by default.

12. Set the maximum account idle

time.

password-control login idle-time

idle-time

Optional.

90 days by default.

Setting user group password control parameters

Ste

p

Command

Remarks

1. Enter system view.

system-view N/A

2. Create a user group and enter

user group view.

user-group group-name N/A

3. Configure the password

aging time for the user group.

password-control aging aging-time

Optional.

By default, the aging time of the

user group is the same as the

global password aging time.

4. Configure the minimum

password length for the user

group.

password-control length length

Optional.

By default, the minimum password

length of the user group is the same

as the global minimum password

length.

5. Configure the password

composition policy for the

user group.

password-control composition

type-number type-number

[ type-length type-length ]

Optional.

By default, the password

composition policy of the user

group is the same as the global

password composition policy.