Manualshelf

R21xx-HP FlexFabric 11900 Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products
919293949596979899100
90
Default
In non-FIPS mode, the global minimum password length is 10 characters. In FIPS mode, the global
minimum password length is 15 characters. In both non-FIPS and FIPS modes, the minimum password
length of a user group equals the global setting, and the minimum password length of a local user equals
that of the user group to which the local user belongs.
Views
System view, user group view, local user view
Predefined user roles
network-admin
Parameters
length: Specifies the minimum password length in characters. The value range for this argument is 4 to
32 in non-FIPS mode, and 15 to 32 in FIPS mode.
Usage guidelines
Before you execute this command, make sure the global password control feature and the minimum
length function are enabled. Otherwise, your configuration cannot take effect
The minimum password length in system view has global significance and applies to all user groups. The
minimum password length in user group view applies to all local users in the user group. The minimum
password length in local user view applies only to the local user.
A minimum password length with a smaller application scope has higher priority. The system prefers to
use the minimum password length in local user view for a local user. If no minimum password length is
configured for the local user, the system uses the minimum password length for the user group. If no
minimum password length is configured for the user group, the system uses the global minimum
password length.
Examples
# Set the global minimum password length to 9 characters.
<Sysname> system-view
[Sysname] password-control length 9
# Set the minimum password length to 9 characters for user group test.
[Sysname] user-group test
[Sysname-ugroup-test] password-control length 9
[Sysname-ugroup-test] quit
# Set the minimum password length to 9 characters for device management user abc.
[Sysname] local-user abc class manage
[Sysname-luser-manage-abc] password-control length 9
Related commands
display password-control
password-control length enable
password-control login idle-time
Use password-control login idle-time to set the maximum account idle time. If a user account is idle for
this period of time, you can no longer use this account to log in to the device.
Use undo password-control login idle-time to restore the default.