R2511-HP MSR Router Series Security Command Reference(V5)

ManualsBrandsHP ManualsNetwork HardwareHP MSR1003-8 AC Router

541

542

543

544

545

546

547

548

549

550

531

In both non-FIPS and FIPS modes, the password composition policy for a user group is the same as the

global policy, and the password composition policy for a local user is the same as that of the user group

to which the local user belongs.

Views

System view, user group view, local user view

Default command level

2: System level

Parameters

type-number type-number: Specifies the minimum number of character types in the password. The value

range for the type-number argument is 1 to 4 in non-FIPS mode and fixed at 4 in FIPS mode.

type-length type-length: Specifies the minimum number of characters that are from each character type.

The value range for the type-length argument is 1 to 63 in non-FIPS mode, and 1 to 15 in FIPS mode.

Usage guidelines

The password composition policy depends on the view:

• The policy in system view has global significance and applies to all user groups.

• The policy in user group view applies to all local users in the user group.

• The policy in local user view applies only to the local user.

A password composition policy with a smaller application scope has higher priority. The system prefers

to use the password composition policy in local user view for a local user. If no policy is configured for

the local user, the system uses the policy for the user group to which the local user belongs. If no policy

is configured for the user group, the system uses the global policy.

Examples

# Specify that all passwords must each contain at least three character types and at least five characters

for each type.

<Sysname> system-view

[Sysname] password-control composition type-number 3 type-length 5

# Specify that the passwords of user group test must each contain at least three character types and at

least five characters for each type.

[Sysname] user-group test

[Sysname-ugroup-test] password-control composition type-number 3 type-length 5

[Sysname-ugroup-test] quit

# Specify that the passwords of local user abc must each contain at least three character types and at

least five characters for each type.

[Sysname] local-user abc

[Sysname-luser-abc] password-control composition type-number 3 type-length 5

Related commands

• display password-control

• local-user

• user-group

password-control enable

Use password-control enable to enable the password control feature globally.