HP MSR2000/3000/4000 Router Series Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router

84

Setting local user password control parameters

Ste

p

Command

Remarks

1. Enter system view.

system-view N/A

2. Create a device management

user and enter local user view.

local-user user-name class manage

By default, no local user exists.

Local user password control

applies to device management

users instead of network access

users.

For information about how to

configure a local user, see

"Configuring AAA."

3. Configure the password

expiration time for the local

user.

password-control aging aging-time

By default, the setting equals that

for the user group to which the

local user belongs. If no expiration

time is configured for the user

group, the global setting applies to

the local user.

4. Configure the minimum

password length for the local

user.

password-control length length

By default, the setting equals that

for the user group to which the

local user belongs. If no minimum

password length is configured for

the user group, the global setting

applies to the local user.

5. Configure the password

composition policy for the

local user.

password-control composition

type-number type-number

[ type-length type-length ]

By default, the settings equal those

for the user group to which the

local user belongs. If no password

composition policy is configured

for the user group, the global

settings apply to the local user.

6. Configure the password

complexity checking policy

for the local user.

password-control complexity

{ same-character | user-name }

check

By default, the settings equal those

for the user group to which the

local user belongs. If no password

complexity checking policy is

configured for the user group, the

global settings apply to the local

user.

7. Specify the maximum number

of login attempts and the

action to be taken for the local

user when the user fails to log

in after the specified number

of attempts.

password-control login-attempt

login-times [ exceed { lock |

lock-time time | unlock } ]

By default, the settings equal those

for the user group to which the

local user belongs. If no

login-attempt policy is configured

for the user group, the global

settings apply to the local user.

Setting super password control parameters

The super password allows you to obtain a temporary user role without reconnecting to the device. For

more information, see Fundamentals Configuration Guide.