Access, logon names, and passwords

Use the show cli password command to display the access, logon name, and password combinations. The syntax for this command is as follows.

show cli password

The following example shows output from the show cli password command if enhanced secure mode is disabled.

Switch:1#show cli password
        access-level
        aging     90

        min-passwd-len 10
        password-history 3

        ACCESS    LOGIN            STATE
        l3        l3               ena
        l2        l2               ena
        l1        l1               ena
        Default Lockout Time       60
        Default Lockout Retries		3
        Lockout-Time:
        IP                  Time

The following example shows output from the show cli password command if enhanced secure mode is enabled.

Note

Note

After you enable enhanced secure mode, the parameters in the output for the show cli password command apply to all of the role-based users, except for the admin user. So for instance, the system mandates that the admin user must have a password length of 15, and a password with two of each of the following characters: uppercase, lowercase, numeric and special character. However, the admin user can then configure this differently for the other user access levels. The following values that display for min-passwd-len and password-rule are those configured by admin, and they apply to the privilege, operator, security, and auditor access levels.

Switch:1#show cli password
        change-interval 24
        min-passwd-len 8
        password-history 3
        password-rule 1 1 1 1
        pre-expiry-notification-interval 1 7 30
        post-expiry-notification-interval 1 7 30
        access-level
        ACCESS        LOGIN       AGING  MAX-SSH-SESSIONS  STATE
        admin         rwa         90     3                 ena
        privilege                 90     3                 dis
        operator      oper1       90     3                 ena
        security      security    90     3                 ena
        auditor       auditor     90     3                 ena
        Default Lockout Time       60
        Lockout-Time: