HP StorageWorks 8/8 Brocade Fabric OS Command Reference v6.3.0 (53-1001337-01, - Page 546
duration begins with the first login attempt after the lockout threshold has
View all HP StorageWorks 8/8 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 546 highlights
2 passwdCfg -minpasswordage value Specifies the minimum number of days that must elapse before a password can be changed. -minpasswordage can be set at 0 to 999. The default value is 0. Setting this parameter to a nonzero value discourages a user from rapidly changing a password in order to defeat the password history setting to reuse a recently used password. The minpasswordage policy is not enforced when an administrator changes the password for another user.. -maxpasswordage value Specifies the maximum number of days that can elapse before a password must be changed. This is the password expiration period. -maxpasswordage can be set at 0 to 999. Setting this parameter to 0 disables password expiration. The default value is 0. When -maxpasswordage is set to a nonzero value, -minpasswordage must be set to a value less than or equal to -maxpasswordage. -warning value Specifies the number of days prior to password expiration that a warning of password expiration is displayed. The valid range for -warning is 0 to 999. The default value to 0. -lockoutthreshold value Specifies the number of times a user can specify an incorrect password during login before the account is locked. The number of failed login attempts is counted from the last successful login. Values for -lockoutthreshold range from 0 to 999. Setting this parameter to 0 disables the lockout mechanism. The default value is 0. -lockoutduration value Specifies the time, in minutes, after which a previously locked account automatically unlocks. lockoutduration values range from 0 to 99999. The default value is 30. Setting this parameter to 0 disables lockout duration, requiring an administrative action to unlock the account. The lockout duration begins with the first login attempt after the lockout threshold has been reached. Subsequent failed login attempts do not extend the lockout period. --enableadminlockout -repeat value Enables the admin lockout policy and sets the config parameter "passwdcfg.adminlockout" to 1. If the parameter "passwdcfg.lockoutthreshold" is set to greater than 0 and Admin Lockout policy is enabled, then, if the number of failed login attempts from the last successful login equals the "passwdcfg.lockoutthreshold", the account gets locked for the "passwdcfg.lockoutduration" duration. The particular account is unlocked manually using userconfig --change account name-u (requires root/factory/security admin/admin privileges) or it is automatically unlocked after "passwdcfg.lockoutduration" duration. Specifies the length of repeated character sequences that will be disallowed. For example, if the "repeat" value is set to 3, a password "passAAAword" is disallowed because it contains the repeated sequence "AAA". A password of "passAAword" would be allowed because no repeated character sequence exceeds two characters. The range of allowed values is 1-40. 516 Fabric OS Command Reference 53-1001337-01