Configures the switch to verify the specified number of previous passwords for the account. The user is prevented from changing the password on a user or administrative account to any of these previously saved passwords.
| all | Specifies all accounts (and future users). |
| name | Specifies an account name. |
| num_passwords | Specifies the number of previous passwords the system verifies for each account. The range is 1 to 10 passwords. |
| duration | Specifies the length of time that history will be checked. |
| days | Specifies that passwords used within the specified number of days can't be reused. Range 1,365. |
| none | Resets the system to not remember any previous passwords. |
N/A.
Use this command to instruct the system to verify new passwords against a list of all previously used passwords, once an account successfully changes a password.
The limit is the number of previous passwords that the system checks against in the record to verify the new password.
If this parameter is configured, the system returns an error message if a user attempts to change the password to one that is saved by the system (up to the configured limit) for that account; this applies to both user and administrative accounts. This also applies to a configured password on the default admin account on the switch.
The limit of previous passwords that the system checks for previous use is configurable from 1 to 10. Using the none option disables previous password tracking and returns the system to the default state of no record of previous passwords.
History can be set to 1 to 365 days. If duration is specified, then passwords used in the "duration" number of days can't be reused.
Using the duration option, a maximum of 25 passwords will be stored for any account.
The following command instructs the system to verify that the new password has not been used as a password in the previous 5 passwords for the account engineering:
configure account engineering password-policy history 5
The following command instructs the system that a password used within the last 3 months is not allowed for all accounts:
configure account all password-policy history duration 5
This command was first available in ExtremeXOS 11.2.
The duration option was added in version 33.1.1.
This command is available on all Universal switches supported in this document.