3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

811

812

813

814

815

816

817

818

819

820

Password Control Configuration 819

Password Control

Configuration

Prerequisites

A user PC is connected to the switch to be configured; both devices are operating

normally.

Configuration Tasks The following sections describe the configuration tasks for password control:

■ “Configuring Password Aging”

■ “Configuring the Limitation of Minimum Password Length”

■ “Configuring History Password Recording”

■ “Configuring a User Login Password in Encryption Mode”

■ “Configuring Login Attempts Limitation and Failure Processing Mode”

■ “Configuring the Timeout Time for Users to be authenticated”

After the above configuration, you can execute the display password-control

command in any view to check the information about the password control for all

users, including the enable/disable state of password aging, the aging time, the

alert time before password expiration; the enable/disable state of the minimum

password length limitation, the configured minimum password length (if

available); the enable/disable state of history password recording, the maximum

number of history password records, the time when the password history was last

cleared; the timeout time for password authentication; the maximum number of

attempts, and the processing mode for login attempt failures.

If the password attempts of a user fail for several times, the system may add the

user to the blacklist. You can execute the display password-control blacklist

command in any view to check the names and the IP addresses of such users.

Configuring Password

Aging

CAUTION: You can configure the password aging time when password aging is

not yet enabled, but these configured parameters will not take effect.

Table 632 Configure password aging

Operation Command Description

Enter system view system-view -

Enable password aging

password-control aging

enable

Required

By default, password aging is

disabled.

Set aging time for super

passwords

password-control super

aging aging-time

Required

By default, the aging time is

90 days.

Set aging time for system

password-control aging

aging-time

Enable the system to alert

users to change their

passwords when their

passwords will soon expire,

and specify how many days

ahead of the expiration the

system alerts the users.

password-control

alert-before-expire

alert-time

Required

By default, users are alerted

seven days ahead of the

password expiration.