HP MSR2000/3000/4000 Router Series Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

83

Ste

p

Command

Remarks

8. Specify the maximum number

of login attempts and the

action to be taken when a

user fails to log in after the

specified number of attempts.

password-control login-attempt

login-times [ exceed { lock |

lock-time time | unlock } ]

By default, the maximum number

of login attempts is 3 and a user

failing to log in after the specified

number of attempts must wait for 1

minute before trying again.

9. Set the number of days during

which a user is notified of the

pending password expiration.

password-control

alert-before-expire alert-time

The default setting is 7 days.

10. Set the maximum number of

days and maximum number

of times that a user can log in

after the password expires.

password-control

expired-user-login delay delay

times times

By default, a user can log in three

times within 30 days after the

password expires.

11. Set the maximum account idle

time.

password-control login idle-time

idle-time

The default setting is 90 days.

Setting user group password control parameters

Ste

p

Command

Remarks

1. Enter system view.

system-view N/A

2. Create a user group and enter

user group view.

user-group group-name

By default, no user group exists.

For information about how to

configure a user group, see

"Configuring AAA."

3. Configure the password

expiration time for the user

group.

password-control aging aging-time

By default, the password

expiration time of the user group

equals the global password

expiration time.

4. Configure the minimum

password length for the user

group.

password-control length length

By default, the minimum password

length of the user group equals the

global minimum password length.

5. Configure the password

composition policy for the

user group.

password-control composition

type-number type-number

[ type-length type-length ]

By default, the password

composition policy of the user

group equals the global password

composition policy.

6. Configure the password

complexity checking policy

for the user group.

password-control complexity

{ same-character | user-name }

check

By default, the password

complexity checking policy of the

user group equals the global

password complexity checking

policy.

7. Specify the maximum number

of login attempts and the

action to be taken when a

user in the user group fails to

log in after the specified

number of attempts.

password-control login-attempt

login-times [ exceed { lock |

lock-time time | unlock } ]

By default, the login-attempt policy

of the user group equals the global

login-attempt policy.