3Com WX2200 3CRWX220095A Switch User Manual


 
Configuring Passwords 67
Enabling Password
Restrictions
To activate password restrictions for network and administrative users,
use the
following command:
set authentication password-restrict {enable | disable}
When this command is enabled, the following password restrictions take
effect:
Passwords must be a minimum of 10 characters in length, and a
mix of
uppercase letters, lowercase letters, numbers, and special
characters, including at least two of each (for example, Tre%Pag32!).
A user cannot reuse any of his or her 10 previous passwords (not
applicable to
network users).
When a user changes his or her password, at least 4 characters
must be
different from the previous password.
The password restrictions are disabled by default. When you enable
them, MSS evaluates the passwords configured on the WX and
displays a list of users whose password does not meet the restriction
on length and character types.
For example, to enable password restrictions on the WX switch, type the
following command:
WX# set authentication password-restrict enable
warning: the following users have passwords that do not have
at least 2 each of upper-case letters, lower-case letters,
numbers and special characters -
dan
admin
user1
user2
goofball
dang
success: change accepted.
Setting the Maximum
Number of Login
Attempts
To specify the maximum number of login attempts users can make before
being locked out of the system, use the following command:
set authentication max-attempts number
For Telnet or SSH sessions, a maximum of 4 failed login attempts are
allowed by default. For console or network sessions, an unlimited number
of failed login attempts are allowed by default.