4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

121

122

123

124

125

126

127

128

129

130

112

Syntax

password-control aging aging-time

undo password-control aging

Default

A password expires after 90 days. The password expiration time of a user group equals the global

setting, and the password expiration time of a local user equals that of the user group to which the local

user belongs.

Views

System view, user group view, local user view

Predefined user roles

network-admin

Parameters

aging-time: Specifies the password expiration time in days in the range of 1 to 365.

Usage guidelines

The expiration time depends on the view:

• The time in system view has global significance and applies to all user groups.

• The time in user group view applies to all local users in the user group.

• The time in local user view applies only to the local user.

A password expiration time with a smaller application scope has higher priority. The system prefers to

use the password expiration time in local user view for a local user. If no password expiration time is

configured for the local user, the system uses the password expiration time for the user group to which the

local user belongs. If no password expiration time is configured for the user group, the system uses the

global password expiration time.

Examples

# Globally set the passwords to expire after 80 days.

<Sysname> system-view

[Sysname] password-control aging 80

# Set the passwords for user group test to expire after 90 days.

[Sysname] user-group test

[Sysname-ugroup-test] password-control aging 90

[Sysname-ugroup-test] quit

# Set the password for device management user abc to expire after 100 days.

[Sysname] local-user abc class manage

[Sysname-luser-manage-abc] password-control aging 100

Related commands

• display local-user

• display password-control

• display user-group

• password-control aging enable