password configuration

The password configuration command enables the aging, logon, and history checks and configures the aging and history parameters.

The no option disables the password configuration feature.

Syntax


password configuration [aging | 
           history | 
           log-on-details | 
           aging-period <aging-time> | 
           alert-before-expiry <alert-time> | 
           expired-user-login [days <delay> ] [attempts <time> ] | 
           update-interval-time <time> | 
           history-record <max-record-num>

no password configuration [aging | 
           history | 
           log-on-details | 
           aging-period <aging-time> | 
           alert-before-expiry <alert-time> | 
           expired-user-login [days <delay> ] [attempts <time> ] | 
           update-interval-time <time> | 
           history-record <max-record-num>]

Parameters

aging

Enables the password configuration aging check.

history

Enables the password history check.

log-on-details

Disables execution of the show authentication last-login command to display the logon details.

aging-period

Configures the password aging time for a system.

alert-before-expiry

Sets the number of days before password aging during which the user is warned of the pending password expiration.

expired-user-login

Configures additional login attempts within a specified period during which a user is allowed to access the switch without changing an expired password.

update-interval-time

The period of waiting, in hours, before an existing password can be changed.

history-record

Configures the maximum number of history password records for each user.

Parameters

no

Disables the password configuration feature.

attempts

The number of subsequent login attempts allowed after the password expiry. Possible values are 0 to 10, the default value is 3.

days

The period during which subsequent login attempts are allowed after the password expiry. Possible values are 1 to 90, the default value is 30 days.

update-interval-time <time>

The minimum period of waiting, in hours, before an existing password can be updated. Possible values are 0 to 168, the default value is 24 hours.

max-record-num

Maximum number of history password records. Possible values are 2 to 15 for each user, the default value is 8.

aging-time

Password aging time, in days. Possible values are 1 to 365, the default value is 90 days.

alert-time

Sets the number of days before password aging during which the user is warned of the pending password expiration. The no option sets the alert time to the default value of 7.