Setting local user password control parameters

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Create a device management user and enter its view.

local-user user-name class manage

By default, no local users exist.

Local user password control applies to device management users instead of network access users.

For information about how to configure a local user, see "Configuring AAA."

3. Configure the password expiration time for the local user.

password-control aging aging-time

By default, the setting equals that for the user group to which the local user belongs. If no expiration time is configured for the user group, the global setting applies to the local user.

4. Configure the minimum password length for the local user.

password-control length length

By default, the setting equals that for the user group to which the local user belongs. If no minimum password length is configured for the user group, the global setting applies to the local user.

5. Configure the password composition policy for the local user.

password-control composition type-number type-number [ type-length type-length ]

By default, the settings equal those for the user group to which the local user belongs. If no password composition policy is configured for the user group, the global settings apply to the local user.

6. Configure the password complexity checking policy for the local user.

password-control complexity { same-character | user-name } check

By default, the settings equal those for the user group to which the local user belongs. If no password complexity checking policy is configured for the user group, the global settings apply to the local user.

7. Configure the login attempt limit.

password-control login-attempt login-times [ exceed { lock | lock-time time | unlock } ]

By default, the settings equal those for the user group to which the local user belongs. If no login-attempt policy is configured for the user group, the global settings apply to the local user.