R3102-R3103-HP 6600/HSR6600 Routers Security Command Reference
218
Default
A password expires after 90 days globally. The password aging time of a user group equals the global
setting. The password aging time of a local user equals that of the user group to which the local user
belongs.
Views
System view, user group view, local user view
Default command level
2: System level
Parameters
aging-time: Specifies the password aging time in days, in the range of 1 to 365.
Usage guidelines
The setting in system view has global significance and applies to all user groups. The setting in user
group view applies to all local users in the user group. The setting in local user view applies only to the
local user.
A password aging time setting with a smaller application range has a higher priority. The system prefers
to use the password aging time in local user view for a local user. If no password aging time is configured
for the local user, the system uses the password aging time for the user group to which the local user
belongs. If no password aging time is configured for the user group, the system uses the global password
aging time.
Examples
# Set the global password aging time to 80 days.
<Sysname> system-view
[Sysname] password-control aging 80
# Set the password aging time for user group test to 90 days.
[Sysname] user-group test
[Sysname-ugroup-test] password-control aging 90
[Sysname-ugroup-test] quit
# Set the password aging time for local user abc to 100 days.
[Sysname] local-user abc
[Sysname-luser-abc] password-control aging 100
Related commands
• display password-control
• local-user
• user-group
password-control alert-before-expire
Use password-control alert-before-expire to set the number of days before a user's password expires
during which the user is notified of the pending password expiration.
Use undo password-control alert-before-expire to restore the default.
Syntax
password-control alert-before-expire alert-time