super password

Function

The super password command sets the password for switching a user from a lower level to a higher level.

The undo super password command deletes the password for switching a user from a lower level to a higher level.

By default, no password is configured for switching a user from a lower level to a higher level. A password must be configured for switching a user from a lower level to a higher level. Otherwise, the switching fails.

Format

super password [ level user-level ] [ cipher password ]

undo super password [ level user-level ]

Parameters

Parameter	Description	Value
level user-level	Specifies the user level that needs to be changed.	The value is an integer that ranges from 1 to 15. By default, the system sets a password for a user that switches to level 3.
cipher password	Specifies the password for changing a level.	When cipher is not entered, password input is in man-machine interaction mode, and the system does not display the entered password. The password is a string of 8 to 16 case-sensitive characters. The password must contain at least two of the following characters: upper-case character, lower-case character, digit, and special character. Question mark (?) and space characters are not supported. When cipher is entered, the password is displayed in either simple or ciphertext mode during input. When being input in simple mode, the password requirements are the same as those when cipher is not entered. When being input in ciphertext, the password must be a string of 56 consecutive characters. NOTE: If the source version supports a ciphertext password which is a string of 24 or 32 characters, the target version also supports this type of password. When setting the password for switching the user level, if the current user level is higher than the specified user level and the password exists, the old password does not need to be verified. If the current user level is lower than the specified user level, enter the correct old password; otherwise, the configuration will fail. The password is displayed in ciphertext in the configuration file regardless of whether it is input in simple or ciphertext mode.

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

If users' rights are redefined, users need to run the super command to change their levels from low to high. For safety, users need to be authenticated when they change their levels. Users can run the super password command to set the password of changing their levels from low to high for authentication.

Precautions

The password entered by a user is saved in ciphertext, irrespective of whether cipher is specified. Therefore, if the password is lost, you cannot get it back.
Users can press Ctrl+C to cancel the operation when they run the super password.
When a user with a level lower than the level configured using this command queries the password configured using the display this or display current-configuration command, the password is displayed as asterisks (******).

Example

# Set the password Abcd@123 for switching a user from a lower level to level 3, with cipher configured for the password.

<HUAWEI> system-view

[HUAWEI] super password level 3 cipher Abcd@123

Info: The password will be changed, please verify the old password.
Please enter old password:
Info: The password is changed successfully.

# Set the password Abcd@123 for switching a user from a lower level to level 3, with cipher not configured for the password.

<HUAWEI> system-view

[HUAWEI] super password level 3

Please configure the login password (8-16)
Enter Password:
Confirm Password:
Info: The password will be changed, please verify the old password.
Please enter old password:
Info: The password is changed successfully.