set authentication password

Function

The set authentication password command sets a password for password authentication on a FW.

The undo set authentication password command deletes a password for password authentication on a FW.

By default, no password is set on the device for password authentication.

Format

set authentication password [ cipher password ]

undo set authentication password

Parameters

Parameter	Description	Value
cipher	Specifies that the password for password authentication is saved in ciphertext.	-
password	Specifies the password that you want to set.	The passwords must meet the following requirements: When cipher is not entered, password input is in man-machine interaction mode, and the system does not display the entered password. The password is a string of 8 to 16 case-sensitive characters. The password must contain at least two types of characters: uppercase characters, lowercase characters, digits, and special characters, excluding question marks (?) and spaces. When double quotation marks are used around the string, spaces are allowed in the string. When cipher is entered, the password is displayed in either plaintext or ciphertext during input. If the password is input in plaintext, the system displays the password directly in plaintext, which is insecure. Therefore, entering a password in man-machine interaction mode is recommended. The password requirements are the same as those when cipher is not selected. When being input in ciphertext, the password must be a string of 56 or 68 consecutive characters. The password in ciphertext must start with $1a$ and end with $, or start with %^%# and end with %^%#. NOTE: If the source version supports a ciphertext password which is a string of 24 characters, the target version also supports this type of password. The password is displayed in ciphertext in the configuration file regardless of whether it is input in plaintext or ciphertext.

Views

Administrator interface view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

You need password authentication when you log in to the device.

Prerequisites

Before using the set authentication password command, ensure that the authentication mode in the administrator interface is password. If the authentication mode of the administrator interface is not password, run the authentication-mode command in the administrator interface view to change the mode to password.

Procedure

The set authentication password command sets a local authentication password. If the cipher is not specified in this command, a password of 8 to 16 characters will be set in man-machine interaction mode.

Precautions

If the set authentication password command is run more than once, and only the latest configuration takes effect. When logging in to the device again, you must enter the correct password so that the authentication can be successful, and you can successfully log in to the device.

The authentication mode of the administrator interface has been set to password authentication. The undo set authentication password command does not takes effect any more. The undo set authentication password command is retained for compatibility with other version.

You are advised to change the password periodically to improve device security.

When you run the set authentication password command to set a local authentication password, you can press CTRL_C to cancel the operation.

Do not forget a ciphertext password because it is irretrievable.

Example

# Set the local authentication password for the administrator interfaces VTY 0 to VTY 4 to Hello-huawei.

<sysname> system-view 
[sysname] user-interface vty 0 4 
[sysname-ui-vty0-4] authentication-mode password 
[sysname-ui-vty0-4] set authentication password
Please configure the login password (8-16) 
Enter password: 
Confirm password: 
[sysname-ui-vty0-4]

# Set the local authentication password in the encrypted text for the administrator interfaces VTY 0 to VTY 4 to Admin@123.

<sysname> system-view
[sysname] user-interface vty 0 4
[sysname-ui-vty0-4] authentication-mode password
[sysname-ui-vty0-4] set authentication password cipher Admin@123