3Com Switch 8800 Family Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

871

872

873

874

875

876

877

878

879

880

872 CHAPTER 78: PASSWORD CONTROL CONFIGURATION

The configuration of minimum password length involves two situations: the global

configuration command can be used in the system view to configure the minimum

length of all user passwords, and the minimum password length can be configure

for a certain user in the user view. Similar to the password aging time

configuration, when the two types of parameters conflict, the parameters

configured in the user view will prevail.

Configuring the maximum number of attempts of entering a password

and the processing mode for failed login attempts

There is a limitation of the number of entering a password. When the number of

attempts exceeds the configured maximum number of attempts, the system will

have three options:

■ The system will add the user to the blacklist and lock the user for a period of

time by putting the user name + IP address and the lock time into the blacklist.

Each time when the user logs in, the system will search in the blacklist. If the

user name and IP address appear in the blacklist, the system will directly

prohibit the user from going into password authentication. After a preset

period of time, the system will remove the user from the backlist and

re-activate the user. The lock time is specified by the system administrator. The

value range is 3 to 360 minutes, and the default value is 120 minutes.

■ The system will permanently lock the user. In this case, the user can log in again

only if he or she is removed from the blacklist and unlocked by the

administrator manually. The blacklist can contain a maximum of 1024 entries.

■ The system will allow the user to log in again instead of locking him or her.

Once the system administrator manually removes locked users from the blacklist,

these user are unlocked and can log in to the switch again.

Tabl e 823 Configuring minimum password length

Operation Command Description

Enter system view system-view -

Configure the minimum

password length

password-control length

length

The value range of the

minimum password length is

4 to 32 characters. The

default value is 10 characters.

This command can also be

carried out in user view

Tabl e 824 Configuring the maximum number of attempts and the processing mode for

failed login attempts

Operation Command Description

Enter system view system-view -

Configure the maximum

number of attempts of

entering a password

password-control

The value range of the

maximum attempts of

entering a password is 2 to

10; the default value is 3

Configure the processing

mode for failed login attempts

password-control

exceed { lock | unlock |

locktime time }

By default, the system will

lock the user and allow

him/her to log in again a

period of time later