password-control composition
Syntax
password-control composition type-number type-number [ type-length type-length ]
undo password-control composition
View
System view, user group view, local user view
Default level
2: System level
Parameters
type-number type-number: Specifies the minimum number of password composition types. The value range for the type-number argument is 1 to 4 in non-FIPS mode and fixed at 4 in FIPS mode.
type-length type-length: Specifies the minimum number of characters of each password composition type, in the range of 1 to 63.
Description
Use password-control composition to configure the password composition policy.
Use undo password-control composition to restore the default.
By default, the global password composition policy is as follows:
In non-FIPS mode, the password using the global composition policy must contain at least one character type and at least one character for each type.
In FIPS mode, the password using the global composition policy must contain at least four character types and at least one character for each type.
The default password composition policy of a user group is the same as the global policy, and the default password composition policy of a local user is the same as that of the user group to which the local user belongs.
A password composition policy with a smaller application range has a higher priority. That is, the system prefers the settings for a local user. If there is no setting for the local user, the system will use the settings for the user group. If there is no setting for the user group, the system will use the global settings.
If you do not configure a password composition policy for super passwords, the global password composition policy applies.
Related commands: display password-control, local-user, and user-group.
Examples
# Set the minimum number of password composition types to 3 and the minimum number of characters of each password composition type to 5 for all passwords.
<Sysname> system-view [Sysname] password-control composition type-number 3 type-length 5
# Set the minimum number of password composition types to 3 and the minimum number of characters of each password composition type to 5 for user group test.
[Sysname] user-group test [Sysname-ugroup-test] password-control composition type-number 3 type-length 5 [Sysname-ugroup-test] quit
# Set the minimum number of password composition types to 3 and the minimum number of characters of each password composition type to 5 for local user abc.
[Sysname] local-user abc [Sysname-luser-abc] password-control composition type-number 3 type-length 5