show accounts password-policy
Description
Displays password policy information for all users on the switch.
Syntax Description
This command has no arguments or variables.
Default
N/A.
Usage Guidelines
To view the password management information, you must have administrator privileges.
The show accounts
password-policy command displays the following information in
a tabular format:
- Global password management
parameters applied to new accounts upon creation:
- Maximum age—The maximum number of days for the passwords to remain valid.
- History limit—The number of previous password that the switch scans prior to validating a new password.
- Minimum length—The minimum number of characters in passwords.
- Character validation—The passwords must be in the specific format required by the configure account password-policy char-validation command.
- Lockout on login failures—If enabled, the system locks out users after 3 failed login attempts.
- Accounts locked out—Number of accounts locked out.
- User Name—The name of the user. This list displays all of the users who have access to the switch.
- Password Expiry Date—Date the password for this account expires; may be blank.
- Password Max. age—The number of days originally allowed to passwords on this account; may show None.
- Password Min. length—The minimum number of characters required for passwords on this account; may show None.
- Password History Limit—The number of previous passwords the system scans to disallow duplication on this account; may show None.
Example
The following command displays the password management parameters configured for each account on the switch:
# show accounts password-policy --------------------------------------------------------------------------- Accounts global configuration(applied to new accounts on creation) --------------------------------------------------------------------------- Password Max. age : None Password Min. age : None Password Min. Different Chars : 8 Password History limit : None Password Min. length : None Password Character Validation : Disabled Accts. lockout on login failures: Disabled Lockout time period : Until Cleared ---------------------------------------------------------------------------------------------------------- User Name Expiry Max. Expiry Min. Min. Min. Hist Lockout Lockout Flags Date Age Date age len diff Limit Time Time (Max) (Min) char Config Remain -------------------------------- ------------ ---- ------------ ---- ---- ---- ----- ------- ------- ----- admin None None None 0 None U - --- user None None None 0 None U - --- ---------------------------------------------------------------------------------------------------------- Lockout Time Config: (U) Account is locked until cleared via 'clear account <name> lockout'. Flags: (C) Password character validation enabled, (L) Account locked out, (l) Account lockout on login failures enabled
History
This command was first available in ExtremeXOS 11.2.
Minimum different characters for changed password and minimum lifespan for passwords information was added in ExtremeXOS 30.7.
Platform Availability
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.