R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

181

182

183

184

185

186

187

188

189

190

175

Description

Use password-control complexity to configure the password complexity checking policy. Unqualified

passwords will be refused.

Use the undo password-control complexity check command to remove a password complexity checking

item.

By default, no user password complexity checking is performed, and a password can contain the

username, the reverse of the username, or a character repeated three or more times consecutively.

Related commands: display password-control.

Examples

# Configure the password complexity checking policy, refusing any password that contains the username

or the reverse of the username.

<Sysname> system-view

[Sysname] password-control complexity user-name check

password-control composition

Syntax

password-control composition type-number type-number [ type-length type-length ]

undo password-control composition

View

System view, user group view, local user view

Default level

2: System level

Parameters

type-number type-number: Specifies the minimum number of character types that a password must

contain, in the range of 1 to 4. In FIPS mode, the type-number argument must be 4.

type-length type-length: Specifies the minimum number of characters that each type must contain, in the

range of 1 to 63.

Description

Use password-control composition to configure the password composition policy.

Use undo password-control composition to restore the default.

The default settings for the type-number and type-length arguments are both 1 for the global password

composition policy. The default password composition policy of a user group is the same as the global

policy, and the default password composition policy of a local user is the same as that of the user group

to which the local user belongs. In FIPS mode, a password must contain four types of characters.

The settings in system view have global significance and apply to all user groups, the settings in user

group view apply to all local users in the user group, and the settings in local user view apply to only the

local user.

A password composition policy with a smaller application range has a higher priority. That is, the system

prefers the settings for a local user. If there is no setting for the local user, the system will use the settings

for the user group. If there is no setting for the user group, the system will use the global settings.

Related commands: display password-control, local-user, and user-group.