HP 6125XLG R2306-HP 6125XLG Blade Switch Security Configuration Guide - Page 121
Displaying and maintaining password control, Password control configuration example, Network
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 121 highlights
Displaying and maintaining password control Execute display commands in any view and reset commands in user view. Task Display password control configuration. Display information about users in the password control blacklist. Delete users from the password control blacklist. Clear history password records. Command display password-control [ super ] display password-control blacklist [ user-name name | ip ipv4-address | ipv6 ipv6-address ] reset password-control blacklist [ user-name name ] reset password-control history-record [ user-name name | super [ role role name ] ] NOTE: The reset password-control history-record command can delete the history password records of one or all users even when the password history function is disabled. Password control configuration example Unless otherwise noted, devices in the configuration example are operating in non-FIPS mode. Network requirements Configure a global password control policy to meet the following requirements: • An FTP or VTY user failing to provide the correct password in two successive login attempts is permanently prohibited from logging in. • A user can log in 5 times within 60 days after the password expires. • A password must contain at least 16 characters. • A password expires after 30 days. • The minimum password update interval is 36 hours. • The maximum account idle time is 30 days. • A password cannot contain the username or the reverse of the username. • No character appears consecutively three or more times in a password. • A password must contain at least four character types and at least four characters for each type. Configure a super password control policy for user role network-operator to meet the following requirements: • A super password must contain at least 24 characters. • A super password must contain at least four character types and at least five characters for each type. Configure a password control policy for the local Telnet user test to meet the following requirements: • The password must contain at least 24 characters. • The password must contain at least four character types and at least five characters for each type. • The password for the local user expires after 20 days. 112