3Com 4210 PWR Configuration Manual page 559

Configuring Password
Aging
n
"Configuring History Password Recording"
■
"Configuring a User Login Password in Interactive Mode"
■
"Configuring Login Attempt Times Limitation and Failure Processing Mode"
■
"Configuring the Password Authentication Timeout Time"
■
"Configuring Password Composition Policies"
■
After the above configuration, you can execute the display password-control
command in any view to check the information about the password control for all
users, including the enabled/disabled state of password aging, the aging time,
enabled/disabled state of password composition policy, minimum number of types
that a password should contain, minimum number of characters of each type, the
enabled/disabled state of history password recording, the maximum number of
history password records, the alert time before password expiration, the timeout
time for password authentication, the maximum number of attempts, and the
processing mode for login attempt failures.
If the password attempts of a user fail for several times, the system adds the user
to the blacklist. You can execute the display password-control blacklist
command in any view to check the names and the IP addresses of such users.
Table 409 Configure password aging
Operation
Enter system view
Enable password aging
Configure a password
aging time globally
Configure a password
aging time for a super
password
Enable the system to alert
users to change their
passwords when their
passwords will soon expire,
and specify how many
days ahead of the
expiration the system alerts
the users.
Create a local user or enter
local user view
Configure a password
aging time for the local
user
In this section, you must note the effective range of the same commands when
executed in different views or to different types of passwords:
Global settings in system view apply to all local user passwords and super
■
passwords.
Password Control Configuration
Command
system-view
password-control aging enable Optional
password-control aging
aging-time
password-control super aging
aging-time
password-control
alert-before-expire alert-time
local-user user-name
password-control aging
aging-time
557
Description
-
By default, password aging is
enabled.
Optional
By default, the aging time is
90 days.
Optional
By default, the aging time is
90 days.
Optional
By default, users are alerted
seven days ahead of the
password expiration.
-
Optional
By default, the aging time is
90 days.