Use the show cli password command to display the access, logon name, and password combinations. The syntax for this command is as follows.
show cli password
The following example shows output from the show cli password command if enhanced secure mode is disabled.
Switch:1#show cli password
access-level
aging 90
min-passwd-len 10
password-history 3
ACCESS LOGIN STATE
l3 l3 ena
l2 l2 ena
l1 l1 ena
Default Lockout Time 60
Default Lockout Retries 3
Lockout-Time:
IP Time
The following example shows output from the show cli password command if enhanced secure mode is enabled.
Note
After you enable enhanced secure mode, the parameters in the output for the show cli password command apply to all of the role-based users, except for the admin user. So for instance, the system mandates that the admin user must have a password length of 15, and a password with two of each of the following characters: uppercase, lowercase, numeric and special character. However, the admin user can then configure this differently for the other user access levels. The following values that display for min-passwd-len and password-rule are those configured by admin, and they apply to the privilege, operator, security, and auditor access levels.
Switch:1#show cli password
change-interval 24
min-passwd-len 8
password-history 3
password-rule 1 1 1 1
pre-expiry-notification-interval 1 7 30
post-expiry-notification-interval 1 7 30
access-level
ACCESS LOGIN AGING MAX-SSH-SESSIONS STATE
admin rwa 90 3 ena
privilege 90 3 dis
operator oper1 90 3 ena
security security 90 3 ena
auditor auditor 90 3 ena
Default Lockout Time 60
Lockout-Time: