Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
281282283284285286287288289290
281
86B
Setting super password control parameters
CLI commands fall into four levels: visit, monitor, system, and manage, in ascending order. Accordingly,
login users fall into four levels, each corresponding to a command level. A user of a certain level can only
use the commands at that level or lower levels.
To switch from a lower user level to a higher one, a user needs to enter a password for authentication.
This password is called a super password. For more information on super passwords, see Getting Started
Guide.
To set super password control parameters:
Ste
p
Command
Remarks
1. Enter system view. system-view N/A
2. Set the password
aging time for
super passwords.
password-control super
aging aging-time
Optional.
By default, the super password aging time is the same
as the global password aging time.
3. Configure the
minimum length for
super passwords.
password-control super
length length
Optional.
By default, the minimum super password length is the
same as the global minimum password length.
At least 8 characters.
4. Configure the
password
composition policy
for super
passwords.
password-control super
composition type-number
type-number [ type-length
type-length ]
Optional.
By default, the super password composition policy is
the same as the global password composition policy.
Composition type-number must be 4 in FIPS mode.
87B
Setting a local user password in interactive mode
You can set a password for a local user in interactive mode. When doing so, you need to confirm the
password.
To set a password for a local user in interactive mode:
Ste
p
Command
1. Enter system view.
system-view
2. Create a local user and enter local user view.
local-user user-name
3. Set the password for the local user in interactive mode. password
88B
Displaying and maintaining password control
Task Command
Remarks
Display password control
configuration information.
display password-control [ super ] [ |
{ begin | exclude | include }
regular-expression ]
Available in any view.