Password Control配置命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

display password-control命令用来显示密码管理的配置信息。

#【举例】
# 显示全局密码管理信息。

<Sysname> display password-control

Global password control configurations:

 Password control:                    Disabled

 Password aging:                      Enabled (90 days)

 Password length:                     Enabled (10 characters)

 Password composition:                Enabled (1 types,  1 characters per type)

 Password history:                    Enabled (max history records:4)

 Early notice on password expiration: 7 days

 User authentication timeout:         60 seconds

 Maximum failed login attempts:       3 times

 Login attempt-failed action:         Lock for 1 minutes

 Minimum password update time:        24 hours

 User account idle-time:              90 days

 Login with aged password:            3 times in 30 days

 Password complexity:                 Disabled (username checking)

                                      Disabled (repeated characters checking)

# 显示super密码管理信息。

<Sysname> display password-control super

 Super password control configurations:

 Password aging:                      Enabled (90 days)

 Password length:                     Enabled (10 characters)

 Password composition:                Enabled (1 types,  1 characters per type)

字段解释

字段 描述
Password control 全局密码管理功能的开启状态
Password aging 密码老化功能的开启状态(密码的老化时间)
Password length 密码最小长度功能的开启状态(密码的最小长度)
Password composition 密码组合策略的开启状态(密码元素的组合类型、至少要包含每种元素的个数)
Password history 密码历史记录功能的开启状态(密码历史记录的最大条数)
Early notice on password expiration 密码过期前的提醒时间
User authentication timeout 认证超时时长
Maximum failed login attempts 用户最大登录尝试次数
Login attempt-failed action 登录尝试次数达到设定次数后的用户帐户锁定方式
Minimum password update time 密码更新的最小时间间隔
User account idle-time 用户帐号闲置时间
Login with aged password 密码过期后允许用户登录的次数和时间
Password complexity 密码复杂度检查功能,可检查内容包括:是否包含用户名或者颠倒的用户名;是否包含三个或以上相同字符