R2511-HP MSR Router Series Security Command Reference(V5)
534
Views
System view, user group view, local user view
Default command level
2: System level
Parameters
length: Specifies the minimum password length in characters. The value range is 4 to 32 in non-FIPS
mode, and 8 to 32 in FIPS mode.
Usage guidelines
In non-FIPS mode, the minimum password length for a user group and a local user is four characters.
In FIPS mode, the minimum password length for a user group and a local user is eight characters.
The minimum length setting depends on the view:
• The setting in system view has global significance and applies to all user groups.
• The setting in user group view applies to all local users in the user group.
• The setting in local user view applies only to the local user.
A minimum password length with a smaller application scope has higher priority. The system prefers to
use the minimum password length in local user view for a local user. If no minimum password length is
configured for the local user, the system uses the minimum password length for the user group to which
the local user belongs. If no minimum password length is configured for the user group, the system uses
the global minimum password length.
Examples
# Set the global minimum password length to 9 characters.
<Sysname> system-view
[Sysname] password-control length 9
# Set the minimum password length to 9 characters for user group test.
[Sysname] user-group test
[Sysname-ugroup-test] password-control length 9
[Sysname-ugroup-test] quit
# Set the minimum password length to 9 characters for local user abc.
[Sysname] local-user abc
[Sysname-luser-abc] password-control length 9
Related commands
• display password-control
• local-user
• user-group
password-control login idle-time
Use password-control login idle-time to set the maximum account idle time. If a user account is idle for
this period of time, you can no longer use this account to log in to the device.
Use undo password-control login idle-time to restore the default.