show accounts password-policy

show accounts password-policy

Description

Displays password policy information for all users on the switch.

Syntax Description

This command has no arguments or variables.

Default

N/A.

Usage Guidelines

To view the password management information, you must have administrator privileges.

The show accounts password-policy command displays the following information in a tabular format:
  • Global password management parameters applied to new accounts upon creation:
    • Maximum age—The maximum number of days for the passwords to remain valid.

    • History limit—The number of previous password that the switch scans prior to validating a new password.

    • Minimum length—The minimum number of characters in passwords.

    • Character validation—The passwords must be in the specific format required by the configure account password-policy char-validation command.

    • Lockout on login failures—If enabled, the system locks out users after 3 failed login attempts.

    • Accounts locked out—Number of accounts locked out.

  • User Name—The name of the user. This list displays all of the users who have access to the switch.

  • Password Expiry Date—Date the password for this account expires; may be blank.

  • Password Max. age—The number of days originally allowed to passwords on this account; may show None.

  • Password Min. length—The minimum number of characters required for passwords on this account; may show None.

  • Password History Limit—The number of previous passwords the system scans to disallow duplication on this account; may show None.

Example

The following command displays the password management parameters configured for each account on the switch:

show accounts password-policy

Output from this command looks similar to the following:

---------------------------------------------------------------------------
Accounts global configuration(applied to new accounts on creation)
---------------------------------------------------------------------------
Password Max. age               : None
Password History limit          : None
Password Min. length            : None
Password Character Validation   : Disabled
Accts. lockout on login failures: Disabled
Accounts locked out             : No
Lockout time period             : Until Cleared
---------------------------------------------------------------------------
User Name      Password   Password Password Password Flags
Expiry     Max. age Min. len History
Date                         Limit
---------------------------------------------------------------------------
admin              None    None     None     ---
user              None    None     None     ---
test Apr-17-2005    12       32       9     C--
---------------------------------------------------------------------------
Lockout Time Config: (U) Account is locked until cleared via 'clear account <name> lockout'.
Flags: (C) Password character validation enabled, (L) Account locked out
(l) Account lockout on login failures enabled

History

This command was first available in ExtremeXOS 11.2.

Platform Availability

This command is available on the Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X440-G2, X590, X620, X690, X870 series switches.