558
C
49: P
HAPTER
ASSWORD
c
Configuring the
Limitation of Minimum
Password Length
C
C
ONTROL
ONFIGURATION
Settings in the local user view apply to the local user password only.
■
Settings on the parameters of the super passwords apply to super passwords
■
only.
The priority of these settings is as follows:
For local user passwords, the settings in local user view override those in system
■
view unless the former are not provided.
For super passwords, the separate settings for super password override those in
■
system view unless the former are not provided.
After password aging is enabled, the device will decide whether the user password
ages out when a user logging into the system is undergoing the password
authentication. This has three cases:
1 The password has not expired. The user logs in before the configured alert time. In
this case, the user logs in successfully.
2 The password has not expired. The user logs in after the configured alert time. In
this case, the system alerts the user to the remaining time (in days) for the
password to expire and prompts the user to change the password.
If the user chooses to change the password and changes it successfully, the
■
system records the new password, restarts the password aging, and allows the
user to log in at the same time.
If the user chooses not to change the password, the system allows the user to
■
log in. If the user chooses to change the password but fails in modification, the
system logs out the user after the maximum number of attempts is reached.
3 The password has already expired. In this case, the system alerts the user to the
expiration, requires the user to change the password, and requires the user to
change the password again if the user inputs an inappropriate password or the
two input passwords are inconsistent.
CAUTION:
You can configure the password aging time when password aging is not yet
■
enabled, but these configured parameters will not take effect.
After the user changes the password successfully, the switch saves the old
■
password in a readable file in the flash memory.
The switch does not provide the alert function for FTP passwords. And when an
■
FTP user logs in with a wrong password, the system just informs the user of the
password error, and it does not allow the user to change the password.
This function is used to enable the switch to check the password length when a
password is configured. If the switch finds the length of the input password does
not meet the limitation, it informs the user of this case and requires the user to
input a new password.
Table 410 Configure the limitation of the minimum password length
Operation
Enter system view
O
PERATIONS
Command
system-view
Description
-