Configures a minimum password lifespan.
all | Applies the configuration to all accounts. |
name | Applies the configuration to the account of the specified name. |
password-policy | Specifies configuring the account password policy. |
min-age | Specifies the minimum lifespan of passwords. |
num_days | Specifies a minimum lifespan of passwords in days. Range is 1 to 365 days. |
none | Specifies no limitation on the minimum lifespan for passwords (default). |
The default is no minimum lifespan for passwords.
Similar to the configure account [all | name] password-policy max-age [num_days | none] command, which requires a password change after a configurable number of days, this command configures a lifespan, or minimum age. Having a minimum lifespan ensures that multiple password changes are not made in quick succession.
In the case of conflicting settings between these two commands, a setting requiring a password change overrides a setting that prohibits a password change. For example, if max-age is set to 10 days, thus requiring a password change in 10 days, and a min-age is set to 20 days, attempting to forbid a password change until 20 days, the configuration to change the password after 10 days takes precedence over the configuration to not change the password for 20 days.
To view the current selection for the minimum lifespan for passwords, use the show accounts password-policy command.
The following example sets a minimum lifespan of 10 days for all accounts:
# configure account all password-policy min-age 10
This command was first available in ExtremeXOS 30.7.
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.