password-control aging
Use password-control aging to set the password aging time.
Use undo password-control aging to restore the default.
Syntax
password-control aging aging-time
undo password-control aging
Default
A password expires after 90 days. The password aging time for a user group equals the global setting. The password aging time for a local user equals that of the user group to which the local user belongs.
Views
System view
User group view
Local user view
Predefined user roles
network-admin
mdc-admin
Parameters
aging-time: Specifies the password aging time in days, in the range of 1 to 365.
Usage guidelines
The aging time depends on the view:
The time in system view has global significance and applies to all user groups.
The time in user group view applies to all local users in the user group.
The time in local user view applies only to the local user.
A password aging time with a smaller application scope has higher priority. The system prefers to use the password aging time in local user view for a local user.
If no password aging time is configured for the local user, the system uses the password aging time for the user group to which the local user belongs.
If no password aging time is configured for the user group, the system uses the global password aging time.
Examples
# Globally set the passwords to expire after 80 days.
<Sysname> system-view [Sysname] password-control aging 80
# Set the passwords for user group test to expire after 90 days.
[Sysname] user-group test [Sysname-ugroup-test] password-control aging 90 [Sysname-ugroup-test] quit
# Set the password for device management user abc to expire after 100 days.
[Sysname] local-user abc class manage [Sysname-luser-manage-abc] password-control aging 100
Related commands
display local-user
display password-control
display user-group
password-control aging enable