Usage guidelines
You can enable both username checking and repeated character checking.
After the password complexity checking is enabled, complexity-incompliant passwords will be refused.
Examples
# Configure the password complexity checking policy, refusing any password that contains the username
or the reverse of the username.
<Sysname> system-view
[Sysname] password-control complexity user-name check
Related commands
display password-control
password-control composition
Use password-control composition to configure the password composition policy.
Use undo password-control composition to restore the default.
Syntax
password-control composition type-number type-number [ type-length type-length ]
undo password-control composition
Default
In non-FIPS mode, the password using the global composition policy must contain at least one character
type and at least one character for each type.
In FIPS mode, the password using the global composition policy must contain four character types and
at least one character for each type.
In both non-FIPS and FIPS modes, the password composition policy for a user group is the same as the
global policy, and the password composition policy for a local user is the same as that of the user group
to which the local user belongs.
Views
System view, user group view, local user view
Predefined user roles
network-admin
Parameters
type-number type-number: Specifies the minimum number of character types that a password must
contain. The value range for the type-number argument is 1 to 4 in non-FIPS mode, and is fixed at 4 in
FIPS mode.
type-length type-length: Specifies the minimum number of characters that are from each type in the
password. The value range for the type-length argument is 1 to 63 in non-FIPS mode, and 1 to 15 in FIPS
mode. The following character types are available:
•
Uppercase letters A to Z.
Lowercase letters a to z.
•
Digits 0 to 9.
•
Special characters in
•
Table
17.
131