Configuring the maximum age rule
Use the following procedure to configure the maximum age rule.
If enhanced secure mode is enabled, the individual with the administrator access level role can configure the aging-time for each user. If you configure the aging time for each user, the aging time must be more than the global change interval value. The default is 90 days.
If you do not enable enhanced secure mode, the aging time is a global value for all users.
Before you begin
You must enable enhanced secure mode in either the JITC or non-JITC sub-modes. As a best practice, use the non-JITC sub-mode because the JITC sub-mode is more restrictive and prevents the use of some troubleshooting utilities.
Procedure
Example
Configure the maximum age rule option to 100 days for user jsmith:
Switch:1>enable Switch:1#configure terminal Switch:1(config)#password aging-time day 100 user jsmith Switch:1(config)#save config
Variable definitions
Use the data in the following table to use the password aging-time command.
Variable |
Value |
---|---|
day <1–365> |
Configures the password aging time in days. The default is 90 days. |
user WORD<1–255> |
Specifies a particular user. |