R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101
180
By default, the maximum number of consecutive failed login attempts is three and a user failing to log in
after the specified number of attempts must wait for one minute before trying again.
• If prohibited permanently, a user can log in only after you remove the user from the blacklist.
• If prohibited temporarily, a user can log in again after the lock time elapses or an administrator
removes the user from the blacklist.
• If not prohibited to log in, a user is removed from the blacklist as long as the user logs in successfully
or after the blacklist aging time (one minute) elapses.
Related commands: display password-control, display password-control blacklist, and reset
password-control blacklist.
Examples
# Set the maximum number of login attempts to 4 and permanently prohibit a user failing to log in after
four attempts from logging in.
<Sysname> system-view
[Sysname] password-control login-attempt 4 exceed lock
Later, if a user tries to log in but fails four times, you can find it in the blacklist, with its status changed from
unlock to lock:
[Sysname] display password-control blacklist
Username: test
IP: 192.168.44.1 Login failed times: 4 Lock flag: lock
Total 1 blacklist item(s) matched. 1 listed.
The user can no longer log in.
# Set the maximum number of login attempts to two and prohibit a user failing to log in after two attempts
from logging in within three minutes.
<Sysname> system-view
[Sysname] password-control login-attempt 2 exceed lock-time 3
Later, if a user tries to log in but fails two times, you can find it in the blacklist, with its status changed from
unlock to lock:
[Sysname] display password-control blacklist
Username: test
IP: 192.168.44.1 Login failed times: 2 Lock flag: lock
Total 1 blacklist item(s) matched. 1 listed.
After three minutes, the user is removed from the blacklist and can log in again.
password-control password update interval
Syntax
password-control password update interval interval
undo password-control password update interval
View
System view