R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101
241
Ste
p
Command
Remarks
11. Set the authentication timeout
time.
password-control
authentication-timeout
authentication-timeout
Optional.
60 seconds by default.
12. Set the maximum account idle
time.
password-control login idle-time
idle-time
Optional.
90 days by default.
NOTE:
The specified action to be taken after a user fails to log in for the specified number of attempts takes effec
t
immediately, and can thus affect the users already in the blacklist. Other password control confi
g
urations
take effect only for users logging in later and passwords configured later.
Setting user group password control parameters
To set password control parameters for a user group:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a user group and enter
user group view.
user-group group-name N/A
3. Configure the password
aging time for the user group.
password-control aging aging-time
Optional.
By default, the password aging
time configured in system view is
used.
4. Configure the minimum
password length for the user
group.
password-control length length
Optional.
By default, the minimum password
length configured in system view is
used.
A password must contain at least
eight characters.
5. Configure the password
composition policy for the
user group.
password-control composition
type-number type-number
[ type-length type-length ]
Optional.
By default, the password
composition policy configured in
system view is used.
In FIPS mode, a password must
contain four types of characters.
Setting local user password control parameters
To set password control parameters for a local user:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Create a local user and enter
local user view.
local-user user-name N/A