User Guidelines
Relevant to local user passwords, line passwords, and enable passwords.
For tracking purposes, passwords are not deleted from the history database after becoming 'irrelevant'. A
period of time that the password cannot be changed (according to the history table) must be configured.
By increasing a password 's relevance for tracking purposes by a number of days, it may cause the
irrelevant password to be relevant again.
Example
The following example configures the number of days that a password is relevant for tracking its
password history to 120.
Console(config)# passwords history hold-time 120
passwords lockout
The passwords lockout Global Configuration mode command sets the number of failed login attempts
before a user account is locked. Use the no form of this command to remove this condition.
Syntax
•
passwords lockout number
•
no passwords lockout
•
number — Number of failed login attempts before the user account is locked. (Range: 1 - 5)
Default Configuration
No locked user account due to failed login attempts.
Command Mode
Global Configuration mode.
User Guidelines
•
Relevant to local user passwords, line passwords, and enable passwords.
•
The user account can still access the local console.
•
A different administrator, with privilege level 15, can release a locked account by using the set
username active command.
Example
The following example configures the number of failed login attempts before a user account is locked to 3.
Console(config)# passwords lockout 3
445
TIC Commands