Disables an account after the user has three consecutive failed login attempts.
|all||Specifies all users (and future users).|
|name||Specifies an account name.|
|on||Specifies an account name.|
|off||Resets the password to never lockout the user.|
If you are not working on SSH, you can configure the number of failed logins that trigger lockout, using the configure cli max-failed-logins num-of-logins command.
This command applies to sessions at the console port of the switch as well as all other sessions and to user-level and administrator-level accounts. This command locks out the user after 3 consecutive failed login attempts; the user‘s account must be specifically re-enabled by an administrator.
Using the off option resets the account to allow innumerable consecutive failed login attempts, which is the system default. The system default is that three failed consecutive login attempts terminate the particular session, but the user may launch another session; there is no lockout feature by default.
NoteThe switch does not allow to lock out of at least one administrator account.
The following command enables the account finance for lockout.
After three consecutive failed login attempts, the account is subsequently locked out:
configure account finance password-policy lockout-on-login-failures on
This command was first available in ExtremeXOS 11.2.
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.