manager-user password-modify enable
Function
The manager-user password-modify enable command enables the password change function for administrators.
The undo manager-user password-modify enable command disables the password change function.
Usage Guidelines
By default, the password change function is enabled.
If an administrator logs in to the FW after password change function is enabled, the FW will prompt the administrator to perform the following operations based on the administrator account and password status:
- If the administrator logs in to the FW for the first time after password change function is enabled, the FW prompts for password change. The administrator can log in only after changing the password.
- If the administrator's password is about to expire in 10 days, the FW prompts for password change. The administrator can select to change the password immediately or ignore it.
- If the administrator's password has expired, the FW prompts for password change. The administrator can log in only after changing the password.
You cannot change the password to any of the latest 10 passwords.
If the validity period of a password is set to 0 by the manager-user password valid-days command, the password change function does not take effect.
- After the password change function for administrators is enabled (manager-user password-modify enable), the device reads administrator passwords from the CF card, but not the configuration profile after restart. Administrators cannot restore their login passwords from the configuration profile. You must delete the manager-user password-modify enable command from the configuration file before performing the restoration operation. Therefore, you are advised to disable the function if no requirement is posed on regular password change. If the password change function is enabled, run the save command upon each password change to ensure password consistency between the database and the configuration profile.
- If the configuration file to be exported is used as the configuration file for the next startup of other devices and contains the administrator and manager-user password-modify enable configurations, you need to export the database in hda1:/uldb/ulsystem/ and then upload the database to the target device.