HP VPN Firewall Appliances Access Control Configuration Guide
281
[Firewall] password-control login-attempt 2 exceed lock
# Set the password aging time to 30 days for all passwords.
[Firewall] password-control aging 30
# Set the minimum password update interval to 36 hours.
[Firewall] password-control password update interval 36
# Specify that a user can log in five times within 60 days after the password expires.
[Firewall] password-control expired-user-login delay 60 times 5
# Set the maximum account idle time to 30 days.
[Firewall] password-control login idle-time 30
# Refuse any password that contains the username or the reverse of the username.
[Firewall] password-control complexity user-name check
# Specify that no character of the password can be repeated three or more times consecutively.
[Firewall] password-control complexity same-character check
# Specify that a super password must contain at least three character types and at least five characters
for each type.
[Firewall] password-control super composition type-number 3 type-length 5
# Configure a super password.
[Firewall] super password level 3 simple 12345ABGFTweuix
# Create a local user named test.
[Firewall] local-user test
# Set the service type of the user to Telnet.
[Firewall-luser-test] service-type telnet
# Set the minimum password length to 12 for the local user.
[Firewall-luser-test] password-control length 12
# Specify that the password must contain at least two character types and at least five characters for each
type.
[Firewall-luser-test] password-control composition type-number 2 type-length 5
# Set the password aging time to 20 days for the local user.
[Firewall-luser-test] password-control aging 20
# Configure the password of the local user in interactive mode.
[Firewall-luser-test] password
Password:***********
Confirm :***********
Updating user(s) information, please wait........
[Firewall-luser-test] quit
Verifying the configuration
# Display the global password control configuration.
<Firewall> display password-control
Global password control configurations:
Password control: Enabled
Password aging: Enabled (30 days)
Password length: Enabled (10 characters)
Password composition: Enabled (1 types, 1 characters per type)